California Dreamin': All things California Consumer Privacy Act
Now, I know what you’re thinking… the European Union passed the General Data Protection Regulation (GDPR) and all we get in the United States is California as our ONLY saving grace?!? Yup, that’s right ladies and gentlemen! Thanks to California, we now have The California Consumer Privacy Act (CCPA) which was signed into law in June 2018 by Governor Jerry Brown. This is the first of its kind, following in the footsteps of GDPR. Although the lines are still “blurry,” the California Attorney General is set to publish regulations between Jan.1 2020, and July 2, 2020.
So, like what do we know?
The CCPA extends the protections and rights to California residents, which is defined as any natural person “enjoying the benefit and protection of laws and government” of California who is in California “for other than a temporary or transitory purpose” or “domiciled” in California but “outside the State for a temporary or transitory purpose.”
For now, the CCPA will apply to for-profit entities that both collect and process the Personal Information of California residents and do business in the State of California. However, a physical presence in California is not a requirement, and it appears that making sales in the state would be sufficient. Additionally, the business must meet at least one of the following criteria in order for the CCPA to apply:
The business must generate annual gross revenue in excess of $25 million,
The business must receive or share personal information of more than 50,000 California residents annually, or
The business must derive at least 50 percent of its annual revenue by selling the personal information of California residents.
