By Drew M. Smith
When the General Data Protection Regulation, (GDPR) was enacted in May, it was a huge step in the name of privacy in Europe. Anyone doing business in Europe must take measures to protect their subscriber/customer’s data secure, requiring permission for them to use their personal data for a variety of different things. In the wake of this legislation, California has now passed similar legislation to take effect in 2020.
The California Consumer Privacy Act of 2018 was passed at the end of June and has been called GDPR lite. The consumers in the state of California can know what information tech giants Google and Facebook are collecting and demand they not be used at all. In addition, the companies are responsible for a data breach to the tune of $750 per data breach, while the attorney general can sue a company for $7,500 per direct violation.1
Naturally, there was push back from Silicon Valley. Having already dealt with Europe’s law, having their home state do something similar has the tech giants like Google and Facebook not pleased with the law, especially considering the law went from the committee to Governor’s desk in a week, compared to the years the Europe law was on the books. In addition, the law doesn’t affect smaller companies. Rather it effects, those who make more than $25 million and half of their revenue come from selling personal data, something that Google and Facebook use as their main revenue source. Though they were against the law, they weren’t ready to oppose it given the time frame, the reasoning being if it reached the ballots, they would have lost there as well.2 Instead, the tech industry will focus its efforts on the rules that will be in place when it finally takes effect in 2020.
As with anything pertaining your personal data, it is always at risk for being stolen. California might have enacted a new law, but it won’t be in effect for 18 months. Your cyber policy should be up to date and your passwords changed constantly. Do not give out your information needlessly and only to trusted sources. Your data is valuable, guard it well.