On June 28, 2018 Governor Brown signed off on the strictest set of data privacy laws to date in the United States – the California Consumer Privacy Act of 2018 (full text here). Learn more about how it compares to the former ballot initiative here.
The Consumer Privacy Act will give Californians unprecedented rights to know what information businesses collect about them, where that information comes from, and control how that information is shared. It applies to all companies that “do business” in California and that exceed one of the following thresholds:
- Annual gross revenues of more than 25 million dollars
- Processes the personal information of 50,000 or more California residents, households or devices annually
- Receives 50% or more annual revenue from selling the personal information of California residents
According to a recent study by the International Association of Privacy Professionals, this means that over 500,000 US companies will be affected by the Consumer Privacy Act – including small to medium sized businesses.
Given the far-reaching effects of the Consumer Privacy Act, here are the top 5 things businesses should know about this new law:
1. The “Right to Know”: California consumers will have the ability to make a request, once every 12 months, to receive the following information about them: