California Lawmakers Unanimously Pass Online Privacy Bill

California lawmakers passed a new data privacy law that gives consumers more control over their data and insight into businesses’ data collection and sharing practices. Called the “California Consumer Privacy Act of 2018,” it is currently considered as the strongest digital privacy policy in the United States and is set to be implemented starting January 1, 2020. Among its most talked about stipulations is the regulation of data harvesting procedures of technology companies. At the same time, consumers have more rights on which companies can store or sell their data while still receiving services from the said companies.

[Read: Securing data through GDPR’s privacy by design]

Submitted unopposed and signed by Governor Jerry Brown on the last week of June 2018, the bill requires companies to disclose the personal information gathered on its customers and the reason for the collection. Third-party agencies and related or affiliated companies to whom data will be sold or shared should be identified and known to the consumers as well. Companies are expected to still provide the same quality of service even if consumers choose to delete or withhold their information, though companies may charge higher fees in such situations. The regulation also imposes more restrictions on the acquisition and exchange of personal data of children younger than 16 years old, makes it easier for consumers to sue companies in the event of a data breach, and authorizes the attorney general to penalize enterprises who don’t comply.

[Read: Digging into the new ePrivacy Regulation: Balancing Privacy and Progress]

California’s data privacy law is not as expansive as the European Union’s General Data Protection Regulation (GDPR) — currently heralded as the most comprehensive data protection regulation in the world — and further revisions are expected to shape the final version of the law before it takes effect in 2020. As California is home to a number of technology and telecommunications companies, other lawmakers, tech companies, lobby groups, and advocates are already expressing their concerns on the possible amendments that can be made. Policymakers observed how, as with the GDPR, data regulation policy affects more than the digital sector of the economy, and public discussions have begun on how there can be more businesses who opt in than opt out.

[Read: GDPR empowers users through data transparency and control]

Ever since the GDPR took effect in Europe and required the compliance of businesses, a number of other countries such as Canada and Australia have followed suit in reinforcing their privacy regulations for their citizens’ protection, as well as further mapping out the affected industries for data management guidelines. More groups hope that other states in the U.S. also fall in step with the new data regulations passed in California, especially in light of several data breaches and misuse of customers’ information.

[Read: Are you GDPR compliant?]


Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.

Опубликовано в Online Privacy, GDPR, Data Privacy