While the California legislature passed a comprehensive consumer privacy law in late June—the California Consumer Privacy Act (CaCPA), A.B. 375—it remains to be seen what the law will look like when the final version goes into effect on January 1, 2020. A few days ago, the legislature proposed amendments in S.B. 1121, partly to address concerns raised by the California Attorney General. And not surprisingly, a number of organizations, including the California Chamber of Commerce, AT&T, and Amazon are lobbying for changes to soften or eliminate some of the law’s safeguards.
In the meantime, some commentators have likened the CaCPA to the EU General Data Protection Regulation (GDPR). As noted in this great IAPP article, the CaCPA is noteworthy for being the first comprehensive U.S. data protection law. But it’s quite different in many respects from the GDPR. Which means that businesses handling data for California consumers can’t rest on their laurels if they do comply with GDPR. They’ll definitely need to invest in measures that ensure compliance with CaCPA. Stay tuned to clearskylaw.com for more information.