The California Consumer Privacy Act 2018, generally known as the CCPA, will soon come into force on 1 January 2020.
Sometimes described as ‘GDPR Light’, the CCPA is California’s attempt to give consumers greater rights regarding the use of their data by businesses.
It reflects efforts in several jurisdictions to implement higher data protection standards, using the GDPR as a guide. The legislation can be found here.
In general terms, Californian residents are granted some similar rights to those contained in the GDPR, albeit with certain limitations and exemptions.
It is also supposed that the CCPA, like the GDPR, might have extra-territorial scope outside of California.
Affected companies who do business with Californian residents, or trade in their data, may have to take steps to comply with the legislation, including taking local legal advice.
Californian residents will also welcome the opportunity to assert greater control over how companies make use of their data, and how it affects their rights in both the business and privacy spheres.