Legal Executive Institute
Making Heads or Tails of the California Consumer Privacy Act
February 26, 2020
By Daniel B. Garrie
Many believed and hoped the California Consumer Privacy Act (CCPA), which went into effect January 1, 2020, would be a saving grace piece of legislation that would finally bring law up to speed with technology.
Sadly, like most pioneers in their field, the CCPA contains drawbacks that hinder its impact in addressing growing privacy concerns. Above all, the CCPA lacks the mechanisms necessary to achieving its purported goals. This can be seen in its “opt-out” structure, its law-enforcement protocol, and discrepancies between it and existing regional privacy laws such as the European Union’s General Data Protection Regulation (GDPR).
Let us begin with the CCPA itself. The CCPA gives California residents new rights for learning what data containing personal information about them has been collected, sold, and stored. It also gives consumers the right to request that this data not be sold and to ask that it be deleted. In sum, the CCPA gives consumers unprecedented new rights and is a huge leap forward in a U.S. legal landscape that has never comprehensively addressed individual data privacy.
Indeed, the power of the CCPA stands in its ability to force structural change within the operating methods of many companies. To get into compliance with the new law, companies must be more transparent and more cognizant of what data they are collecting from customers and where it is stored. These measures will lead to better privacy practices, eventually.
To read the full article, go to Legal Executive Institute