The Most Comprehensive Data Protection Solution
Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.
First and Only Solution to Converge:
- Data Loss Prevention
- Endpoint Detection and Response
- User and Entity Behavior Analytics
The California Attorney General's Office finally released draft regulations around the CCPA last week, outlining the requirements of businesses and consumers
The California Attorney General's Office released draft implementing rules for California's stringent new data privacy law, the California Consumer Privacy Act (CCPA) last week, roughly 11 weeks before the legislation is slated to go into effect.
The CCPA, signed into law back one June 28, 2018, is a sweeping new data privacy law designed to give users the ability to see what information is collected about them and stop that data from being sold among other stipulations.
While the law goes into effect Jan. 1, the rules implementing and enforcing the law don't go into effect until July 1.
“Knowledge is power, and in the internet age knowledge is derived from data. Our personal data is what powers today’s data-driven economy and the wealth it generates. It’s time we had control over the use of our personal data. That includes keeping it private,” the state’s AG, Xavier Becerra, said Thursday.
The goal of the regulations, viewable here (.PDF) is to ensure consumers and businesses alike have a better idea about the legislation before it goes into effect. Included in the regulations are a list of general provisions, notices to consumers, information about their right to opt out of the sale of their personal data, and notices to businesses, like how they can verify requests.
With the release of the 24-page document, Becerra reiterated the four major bullet points of the CCPA:
- Businesses must disclose data collection and sharing practices to consumers;
- Consumers have a right to request that their data be deleted;
- Consumers have a right to opt out of the sale or sharing of their personal information; and
- Businesses are prohibited from selling personal information of consumers under the age of 16 without explicit consent.
In addition to released the proposed regulations, the AG's Office also announced that there will be four public hearing dates, in Sacramento, Los Angeles, San Francisco, and Fresno, to seek comment on the CCPA. The comment period will end on December 6.
Complying with the regulations, which came as a result of seven public forums held throughout the state and a comment period of their own, could cost between $467 million to $16,454 million in costs, between 2020-2030, according to Becerra's office.