On January 1, 2020, California’s new consumer privacy act became effective. The California Consumer Protection Act, or CCPA, includes a broad definition of “personal information” that not only includes identifiers like name, address, phone number and email address, but also “purchasing or consuming histories or tendencies,” audio, electronic, visual, thermal and olfactory information and inferences drawn from other personal information “reflecting the consumer’s preferences, characteristics . . . intelligence, abilities and aptitudes.”
The CCPA applies to any entity doing business in California that collects information about California consumers or households and either has annual gross revenues in excess of $25 million, receives or shares personal information of over 50,000 California consumers or derives at least fifty percent of its revenue from selling such consumer information.
Entities subject to CCPA operating online must post a privacy policy that notifies California residents various rights, such as the right to request information that has been collected by the entity, the right to request deletion of such information and the right to opt out of the sale or bartering of that information to third parties.
The CCPA has been amended as recently as October, 2019. Additionally, the California Attorney General is required to adopt regulations prior to July 1, 2020 when enforcement actions may take place.
The original text of the law is available here and a useful amendment tracker is available here. Contact us at Ossian Law P.C. regarding any information technology law matter.
© 2020 Ossian Law P.C.