On January 1st, a data privacy law will take effect in California. The California Consumer Privacy Act, passed last year, is legislation that is designed to give Californians unprecedented control over how companies collect and use their data.
The law will force companies to disclose information that is collected about Californian consumers, at the consumer’s request. In addition, companies will be forced to delete consumer’s data, upon request. Companies will also be prohibited from selling the consumer’s information if the consumer requests that the company stop doing so.
According to the American Bar Association, the law applies to for-profit businesses around the world if their annual gross revenue surpasses $25 million, if they buy or share for commercial purposes consumer information belonging to 50,000 or more, and if 50% of the business’s annual revenue comes from selling consumer personal information. Parent companies and subsidiaries must comply regardless of whether they meet the thresholds. The International Association of Privacy Professionals estimates that about 500,000 U.S. businesses will be affected.
By consumer, the law is referring to California residents. Californians can take legal action against businesses that do not comply with the new legislation: residents of California can pursue civil suits against companies in violation of the new statute and could get rewarded up to $7,500 for intentional violations.
This law will drastically affect how many experience web browsing. Tech companies have built lucrative businesses off of their consumer’s personal information. Individual behaviors and preferences are gathered, stored, and sold. Many companies rely on targeted ads for revenue. If people demand that companies delete their data, these ads will be less effective. The ABA has called it the toughest privacy law in America.
The law will take effect January 1, 2020 and will be enforceable after a 6 month grace period, beginning May 1, 2020.