Does your business collect personal information from residents in California? Does it monitor user activity on its website? If so, there is a good chance it will need to comply with the California Consumer Privacy Act (“CCPA”), which takes effect January 1, 2020.

Following the European Union’s implementation of GDPR, California adopted the CCPA, which imposes significant new privacy obligations on businesses that collect information from California residents, including the collection of internet browsing activity on business websites. Under the CCPA, businesses must disclose the types of personal information they collect, sell, or share about California residents. Among other rights recognized by the law, consumers will have the right to request reports on the information collected about them and deletion of their information. The California Attorney General will have general enforcement power, and consumers will have a right to bring lawsuits for certain matters, including potentially class actions.

The CCPA is far-reaching and imposes significant compliance duties on businesses in all industries doing business with California residents. It will transform how companies collect and use personal information. It is also stands to increase the risk of consumer lawsuits, including class actions, against businesses covered by the CCPA.

CLICK HERE to continue reading about the scope and effects of the CCPA. If you would like information specifically tailored to the impact of CCPA on your business, please reach out to one of our Global Privacy & Security Blog authors.