“European companies must get on top of how they are interacting with data, or risk leaving themselves exposed to punishment come 1st July.”
At the start of this year, a landmark new consumer privacy law came into effect, writes Mark Kahn, General Counsel & VP of Policy at Segment. The California Consumer Privacy Act (CCPA) was passed to protect the data privacy rights of all California residents and it inevitably drew comparisons to the EU’s General Data Protection Regulation (GDPR).
On 1st July, California’s regulators plan to begin doling out fines to punish those organisations that breach the law. As a result, businesses have been rushing to become compliant with the new rules.
Some had hoped that, due to the coronavirus pandemic, California Attorney General Xavier Becerra might push back enforcement. In March, a group of more than thirty signatories came together to request an extension of the time available to reach compliance. However, despite the unprecedented disruption, the Attorney General’s Office remains committed to the original deadline.
For European businesses, it would be easy to assume that the CCPA will have little bearing on them. Unfortunately, this could be a big mistake. Even though this is a piece of state-level American legislation, enforcement will affect companies across the globe.