The California Consumer Privacy Act (CCPA) is the most sweeping data privacy rights law to be enacted in the nation. It was formed, in part, due to advertisers using consumer data collected without consent to influence major events, such as political elections. With a codification date of January 1, 2020, CCPA arrives on the heels of Europe’s GDPR.
California’s Attorney General Xavier Becerra released his proposed regulations for the law in early October of 2019, and enforcement of the legislation will begin July 1, 2020. CCPA will continue to evolve as issues arise, technology changes, and fraudsters probe and exploit weaknesses. In fact, a “CCPA 2.0” could be on the horizon.
In September of 2019, proponents of the original CCPA ballot initiative drafted a new initiative—The California Privacy Rights and Enforcement Act of 2020—that will be voted on in 2020. If this legislation passes, the initiative will expand its scope to commission a California Privacy Protection Agency and create a new data category called “sensitive information,” which includes geolocation information, Social Security number data, and passport number data.