It’s 2020, and the California Privacy Act is now in effect. The new law, which Fast Company considers to be “groundbreaking” for the U.S., is giving privacy power back to Californians, and anyone doing business with it. Here are four major points decision makers need to know about it:
- The CCPA keeps users’ data protected five ways:
- Companies are required to tell residents what types of information is being collected about them.
- Companies are required to share which types of data they have on a resident (residents must submit a request for this).
- Companies are required to inform residents what types of third-party companies their information is being shared with (residents who want to know the names of those third-party companies have to submit a request from that company).
- Residents can choose to opt out of having their information shared to third-party companies.
- Companies are unable to penalize residents who choose to opt-out (although companies are able to offer incentives to people to remain opted-in).
- Smaller companies get a break from the CCPA; they are exempt from the law if they make less than $25 million in gross annual revenue, or collected data on less than 50,000 customers. Larger companies, particularly those that make more than half of their revenue from selling customers’ data, are held accountable to the CCPA. Any company that violates the law is susceptible to a $2,500 fine per violation.
- You don’t have to live in California for the law to apply to you – even if companies do business with the Golden State, the law applies to them, too. To get caught up with law requirements, companies have already started creating links that take users to opt-out forms, Fast Company says.
- The effects of the CCPA are expected to spread. Other states are starting to catch on to the CCPA, and implement their own privacy laws, including Maine and Nevada. Some tech companies, such as Microsoft, are already taking steps to “extend the CCPA’s ‘core rights’” nationwide.