California Consumer Privacy Act: The American GDPR?
Driven by the continued global rise in consumer data breaches and growing privacy concerns, the State of California recently passed the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA represents the most demanding customer data privacy statute enacted to date at the U.S. state level. Businesses like financial institutions will need to consider existing privacy rules in the U.S. when assessing the potential impact of CCPA.
The CCPA is similar to the recent European Union’s General Data Protection Regulation (“GDPR”) that came into effect in May 2018. While CCPA and GDPR have differences, both laws provide consumers a greater ability to control their personal information. The CCPA also imposes requirements and prohibitions on businesses that collect or sell this information.
Although the CCPA became California state law on September 23, 2018, the Attorney General’s enforcement of the CCPA goes into effect six months after publication of the implementing regulations, or July 1, 2020, whichever comes first. Sia Partners will continue to monitor and report on regulations issued by the Attorney General of California.
This article contains what we know about the CCPA now.
- Download the insight here