Why The New California Consumer Protection Act Matters to You

A Global Privacy Trend is Afoot

Consumers are paying more attention to their privacy rights than ever before. Small businesses that handle consumers’ private data need to pay more attention too.

During the past two years, the percentage of prospective clients who contacted our firm about privacy law issues relative to the other issues we litigate more than doubled. About one-third of those prospective privacy law clients were computer crime victims who had their privacy invaded when the computer crimes were committed. About one-third were individual consumers or groups of consumers who wanted to hold private businesses or public entities accountable for their unreasonable privacy or cybersecurity practices after data breaches or computer hacks had occurred. About one third were small businesses, such as small law firms, who wanted advice on how to improve or audit their privacy or cybersecurity programs or handle data breaches.

The European Union Took the Lead Globally- GDPR

Recognizing the need and demand for them, the European Union implemented the world’s most consumer-friendly privacy laws. It promulgated them through its General Data Protection Regulation (GDPR), which went into effect May 25, 2018. Almost all major U.S. companies that handle EU citizens’ private data had to modify their privacy and cybersecurity programs to ensure they would comply with the GDPR’s strict rules. The penalties for breaking the GDPR’s rules can be severe. Many of the major U.S. companies that spent millions preparing for the GDPR breathed a sigh of relief because the U.S. hadn’t made significant strides towards implementing a comprehensive, consumer-focused, federal privacy law like the GDPR.

California Took the Lead Nationally – California Consumer Protection Act of 2018

This week, California’s legislators voted for the California Consumer Protection Act of 2018 (CCPA). You may read about it in “California Passes Landmark Privacy Legislation.” If the CCPA goes into effect as written in 2020, California’s consumer privacy laws will be more like the GDPR’s than any other state in the U.S. Since California’s economy influences our nation’s economy heavily, the CCPA will increase pressure on federal legislators to create a national privacy law. It might also increase pressure on Arizona and Colorado legislators to follow California’s lead. (What Arizona or Colorado consumer would stand for having fewer and weaker privacy rights than a California consumer?)

The Upshot for Small Businesses Like Yours?

If you handle or will handle any California consumer’s private information, you will need to ensure your firm’s privacy and cybersecurity programs will comply with the CCPA before it becomes law in 2020. It’s best to start getting ready for these things early. If you have any doubts about that, ask the companies who had to get ready for the GDPR.

By Ed Hopkins, HopkinsWay PLLC. | © HopkinsWay PLLC 2018. All rights reserved.

This entry was posted in Data Breach, Privacy, Uncategorized and tagged . Bookmark the permalink.