Signed on June 28, 2018, amended in September, and going into effect January 1, 2020, the California Consumer Privacy Act (CCPA) will provide millions of customers that reside in California with greater control over what personal information companies collect, how companies intend to use that information, and what third parties can access that information.
Broad in its scope and application, CCPA applies to all companies that do business in California and:
After January 1, 2020, the California Attorney General can seek civil penalties of not more than $2,500 per violation, or up to $7,500 per intentional violation. The CCPA also provides for a private right of action, opening thousands of companies up to additional potential exposure.
Further, the landmark piece of cyber and data privacy legislation is likely to serve as a template for similar statutory and regulatory changes in other states, and potentially even at the federal level.
Goldberg Segalla’s Cybersecurity and Data Privacy Practice Group has created a CCPA Fact Sheet, covering thresholds, dates, penalties, obligations, and pathways to compliance.
For more information on options and obligations under the CCPA, or to discuss how Goldberg Segalla can help you achieve compliance, please contact Cybersecurity and Data Privacy Practice Group Chair Marc S. Voses at 646.292.8720 or firstname.lastname@example.org.