California Data Privacy Law: Understand the Impact to Your Business
by Paula Kubo, on Jul 18, 2018 3:46:07 PM
Power to the people! Amid increasing concerns about digital privacy and the recently approved General Data Protection Regulation (GDPR) in Europe, California’s legislature has enacted a new law with the goal of empowering the state’s residents to claim their rights over personal data disclosed to companies in the U.S.
The California Consumer Privacy Act of 2018 (CCPA) is expected to come into effect at the start of 2020 and applies only to California residents. This law represents the most rigorous privacy control legislation implemented in the country.
With this initiative, consumers will be able to demand more transparency from businesses in the questionable digital landscape we live in, which became even murkier after the Cambridge Analytica incident reported in March involving Facebook data.
The resolution has the potential to affect all companies that deal with customer’s personal data or operate in the digital space. Advertising over Social Media platforms may change as California residents are able to delete their data or request to bring it with them to other service providers.
Some of the changes for California residents:
- They must be informed about what kinds of personal data businesses have collected and why it was collected;
- They can request the removal of personal information;
- They can opt out of the sale of personal information;
- They can access their personal information in a “readily usable format” that allows its transfer to third parties with no restraint.
This California data privacy law understands “personal information” as any personal identifiers including geolocation, biometric data, internet browsing, history, psychometric data and inferences a business may make about the consumer. In the event that a company fails to keep reasonable security practices that result in unapproved access to personal data, consumers will have the right to sue as the protection over their data will be enforced by the state.
In the meantime, companies will have two options:
Reform their global data protection and data rights infrastructure to follow the California Consumer Privacy Act, or architect a system in which Californians are treated differently.
Nonetheless, we should stay tuned to see the development of this decision and its future impact. Such measures may not please Silicon Valley and the executives of tech giants who’s primary concerns are the profitability of their empires.
Written by Paula Kubo.
Paula is a Marketing Specialist working with NovaStor to spread the good word about data protection. The views expressed are her own. Learn more about NovaStor's network backup software or single-server backup software.