Following a six month grace period, California has begun enforcing its new privacy regulation, effective July 1.
The California Consumer Protection Act (CCPA) was signed into law on January 1. Similar to the EU’s GDPR, the CCPA is a robust set of laws designed to protect individual privacy and give consumers more control over the data companies collect about them. Companies were given a six month grace period before enforcement began, but that grace period ended on June 30.
The CCPA likely impacts more companies than many realize. It directly applies to companies that do $25 million in annual revenue, companies that derive at least half of their revenue from selling their customers’ data or companies that collect data on at least 50,000 individuals.
Potential penalties are high enough to ensure compliance. Non-intentional violations could cost as much as $2,500 per incident, while intentional violations could cost as much as $7,500.
While many companies have struggled to be ready for the new law, privacy advocates have praised it for protecting the interests of consumers.