On the heels of the General Data Protection Regulation (GDPR) in Europe, the California Consumer Privacy Act (CCPA) is the latest regulation to address the perceived imbalance in power that exists between companies and consumers when it comes to data management.
CCPA is considered to be the most comprehensive data protection law in U.S. history. The act applies to any business that collects data from residents of California, not just those companies headquartered there. CCPA goes into effect Jan. 1, 2020, but there is still time to be better prepared for its enforcement, which will begin around July 2020.
While California’s Attorney General Xavier Becerra’s proposed regulations give businesses some additional guidance, many impacted companies — including financial institutions — lack a sense of the full requirements for compliance. Nevertheless, experts predict the act could serve as a “quantum leap” with respect to privacy, data management, and consumer empowerment, and may ultimately roll outward into federal or other states’ laws, as covered in the box below.
At a high level, CCPA will give California residents the right to:
continue reading »