Starting from January 2020, the citizens of California will regain control over their personal data, as the way businesses are using this information now will completely change.

The new California Consumer Privacy Act is all about control over personal information. Inspired by the new European Union General Data Protection Regulation, and enhanced by many privacy scandals that happened in the country, this CCPA is probably the best privacy bill in the United States up until this moment. In a time when US citizens are struggling to keep net neutrality, the new law is an excellent sign that things are going in an upwards direction. The question now is whether the rest of the country will follow this trend?

What is CCPA?

In late June 2018, California lawmakers passed a bill that grants the residents of this US state to have European-like rights over their sensitive information. The privacy law will change the way online businesses use their customers’ information and restrict what they can do with it. Similar to the GDPR, the CCPA will grant more control over your online data. This will include the following:

  • California residents will be able to see what personal information is being collected, and why.
  • They will know which third-parties this information is being shared with.
  • If they don’t want this data to be shared, they have legal rights to “opt-out” without being charged or punished.
  • The consumers will also have the right to ask for this information to be deleted, while businesses will have to alert customers in case of a data breach.

California allows the public to propose measures that can change the law, and this is how the CCPA came into existence. The campaign of Alastair Mactaggart, a real-estate developer triggered by the current situation, gained the attention of the people. This initiative became so popular that it ultimately found its place on the ballot for November.

The law will come into force Jan.1, 2020. Until then, companies have just about enough time to prepare themselves for these changes. However, in order for them to be compatible, they have to start record-keeping and complete data mapping not later than Jan.1, 2019.

The cost for doing so will be high, but realistic for larger businesses. It will take time for the law to fully come into force. However, despite this, the changes are very challenging for companies, and they come with potential flaws. The biggest one of all is their extremely broad definition on which information will be covered by the law. This includes browsing history, geolocation data, etc.

In case businesses and service providers are not respecting the due dates, they will be given a 30-day notice by the California Attorney General’s Office (CaAG). It’s estimated that the CaAG will need over 50 full-time employees to enforce the CCPA and over $57.5 million to cover the costs.

What Will Be Regulated Under the Law?

To simply say “businesses” would be a very broad term. The new California data privacy law targets certain for-profit entities that collect online information on this particular U.S state. The companies or service providers should be the controllers of the data and to have gross revenue in excess of $25 million. The law will also regulate companies that buy, receive, sell, or share personal information of 50,000+ consumers for commercial purpose. Moreover, businesses that get half of their revenue through selling personal information also fall under this category.

Does the CCPA Affect You?

It depends. Do you live in California? If yes, then in less than two years, you will be able to keep an eye on your personal data. However, only if you are residing on the territory of this state, then you will feel the effect of the new data legislation. For those who live in another US state, or for that matter another country in the world, unfortunately, this law has no affect on them.

But why is it so important then?

The new Californian law laid the first stone towards respecting users’ privacy and their rights over their own personal information. In a time when the US is often struck by scandals concerning this issue, this gives US citizens new hope.  In the meantime, if the new regulation does not affect you, you can always protect yourself by using a VPN.

If you live in a country that is still not under the GDPR/CCPA you can try the following options:


It’s reliable, way more advanced than other providers, and it gives you the possibility to enjoy the GDPR or CCPA simply by selecting one of its many servers in these countries. ExpressVPN is slightly more expensive than other providers, but considering the extensive list of features, the price comes as a real bargain.

Click here to visit ExpressVPN



NordVPN is a decent competition to ExpressVPN. With a large network of servers around the world, this VPN also grants you the opportunity to protect yourself by keeping a low profile on the web. It has excellent security and privacy features.

Click here to visit NordVPN



PureVPN is already GDPR compatible, as this service provider takes your personal data seriously. It’s also very affordable and offers plenty of features included in the price.

Click here to visit PureVPN


If you are wondering how a Virtual Private Network will help, you should know that by signing up with a provider and one of its servers, the VPN will assign you with a different IP address. One that will hide your real location, and allow you to use the internet as a citizen from another country. Choosing one in California, or a country within the EU means that these online websites will treat your data as if you live on this territory. As long as you are using your VPN, you will also stay completely anonymous and private. Besides, by purchasing one, you will also be able to enjoy the other benefits, such as unlocking geo-blocked content, breaking censorships, and protecting yourself from many online threats.