California’s Privacy Law Goes Into Effect Today. Now What?
Fittingly for the start to a new decade, California decided to go big with its 2020 New Year’s resolution. Today, the California Consumer Privacy Act goes into effect. Passed unanimously in June 2018, it’s the first law in the US to set up a comprehensive set of rules around consumer data, akin to the European Union’s General Data Protection Regulation, or GDPR. Industry and privacy advocates have been fighting over the fine print ever since.
Now the law is officially on the books in the biggest state in the union and the world’s fifth-largest economy. For the average internet user in California, life will not be radically different. But as the mechanisms of the law get finalized, and depending on how it’s enforced, its impact could go a long way to determining whether the 2020s become the decade when the US started taking privacy seriously.
The CCPA applies to any company that operates in California and either makes at least $25 million in annual revenue, gathers data on more than 50 thousand users, or makes more than half its money off of user data. For California residents, it creates a handful of new rights over their data. The most significant categories are what Alastair Mactaggart, the California real estate magnate behind the ballot initiative that led to the law being passed, calls “the right to know” and “the right to say no.” That means users will, as of today, be able to see what data companies have gathered about them, have that data deleted, and opt out of those companies selling it to third parties from now on.