What is the California Consumer Privacy Act of 2018?

Photo by  Helloquence  on  Unsplash

Photo by Helloquence on Unsplash

On June 28, 2018, hot on the heels of the European Union’s General Data Protection Regulation, California passed a new law providing some of the strongest privacy protections to date in the US, outlining what a company can and cannot do with your data.  Although the law does not take effect until 2020, we can already begin to see movement from companies scrambling to comply with it.

The privacy act is broken up into 4 core sections: Own your personal information, Control your personal information, Secure your personal information, and Hold big corporations accountable. We have provided some key points below about how each section might impact you.

1. Own Your Personal Information

  • It is your right to know if information is being collected.

  • You can request that the business disclose what categories of personal information was collected, sold, and disclosed to whom.

2. Control Your Personal Information

  • You have a right to ‘opt out’ of your personal information being sold by a business.

  • You cannot be discriminated against if you decide to ‘opt out’ of having your information being sold. In other words, a business cannot give different pricing, different level of service, or different quality of goods.

3. Secure Your Personal Information

  • Any business must implement and maintain reasonable security procedures and practices to protect your personal information.

4. Hold Big Corporations Accountable

  • These rules only apply to businesses:

    • that earn over $50,000,000 a year in revenue

    • that sell 100,000 or more consumer records each year

    • that derive at least 50% of their annual revenue by selling consumers’ personal information

  • All businesses must comply if they deal with Californians’ personal information. Even companies located outside of California.

When it comes to privacy in the US, this is a great first step but this is just the beginning of our journey towards giving you back control of your personal data. However, there are a few things that the act falls short on, such as completely removing the data from the business or getting a copy of the data that the business was able to collect about you.  Until our vision of a world where you have complete control of how your data is used becomes a reality, the NetCloak team will be hard at work. Check us out at https://netcloak.io.