{"id":4165,"date":"2019-09-04T19:06:00","date_gmt":"2019-09-04T19:06:00","guid":{"rendered":"https:\/\/www.backupsfdc.io\/?p=4165"},"modified":"2021-05-07T17:34:47","modified_gmt":"2021-05-07T17:34:47","slug":"with-the-california-consumer-privacy-act-looming-businesses-are-in-the-hot-seat","status":"publish","type":"post","link":"http:\/\/18.233.203.232\/with-the-california-consumer-privacy-act-looming-businesses-are-in-the-hot-seat\/","title":{"rendered":"With the California Consumer Privacy Act Looming Businesses Are in the Hot Seat"},"content":{"rendered":"\n

The General Data Protection Regulation, or GDPR, went into effect on May 18, 2018, effectively setting a tone for new regulations to protect consumer privacy.  By one standard, GDPR was just in time. The Identity Theft Resource Center reported that exposed consumer data grew 126% in 2018<\/a>, to encompass 446.5 million \u201csensitive records.\u201d  Business Insider ranked what it called the 21 \u201cscariest data breaches\u201d<\/a> of the year \u2013 with celebrated organizations such as British Airways, Orbitz, T-Mobile, Saks, Cathay Pacific Airways, Facebook and Google+ as their chief targets. <\/p>\n\n\n\n

Meanwhile, the California Consumer Privacy Act (CCPA) is set to take effect January 1, 2020 \u2013 a crushing deadline for millions of businesses.<\/p>\n\n\n\n

While data privacy regulations have focused on holding organizations accountable for breaches of their systems and the Personally Identifiable Information (PII) they hold, what has arguably received much less attention is the rights of consumers to enforce the privacy of their personal data under California Consumer Privacy Act.<\/p>\n\n\n\n

A tenet of CCPA is that consumers<\/a> should feel free to exercise their rights to safeguard their personal data.  What\u2019s more, consumers should demand that organizations will be transparent about the usage of their personal data: what information the organization collects, how it is being used, and who it is being shared with.<\/p>\n\n\n\n

Now, with California Consumer Privacy Act less than three months away, consumers have time to learn their privacy rights under CCPA.  But businesses are in the hot seat, scrambling to become compliant by January 1. A recent survey<\/a> of 250 privacy professionals at organizations with 500 or more employees revealed<\/a> that 86% of companies are not prepared for the advent of the CCPA.<\/p>\n\n\n\n

Businesses that don\u2019t comply by January 1 may be subject to stiff penalties. California Consumer Privacy Act penalties (issued via civil cases from the attorney general) can reach up to $2,500 per unintentional violation and up to $7,500 per intentional violation. And yet, most organizations face the uphill battle of revamping a number of business practices, but also systems to implement the new rights of consumers.<\/p>\n\n\n\n

If a regulation ever demonstrated the primacy of personal data and privacy, it\u2019s California Consumer Privacy Act.  Not only that, but CCPA\u2019s definition of personal data is extensive and comprehensive. Personal data, as defined in Section 1798.140(o)(1) includes \u201cinformation that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.\u201d  And CCPA is more stringent, saying<\/a> that \u201cCalifornians are not just protected in their roles as consumers, but also as employees, patients, tenants, students, parents, children, etc.\u201d <\/p>\n\n\n\n

The act spells out consumer protections in detail: Consumers have the right to:<\/p>\n\n\n\n