12 September 2019
California Law Reaches Beyond Tech
Starting next year, all California residents will have the right to ask retailers, restaurants, airlines, banks and many other companies to provide them with any personal information they may have, including individual contact information, purchases and loyalty-program history. Consumers also can ask that businesses delete their information, or opt out of letting it be sold.
But, the California Privacy Act, which passed last year and goes into effect January 1 2020, applies to any for-profit business that does business in California and collects data on California residents. There are a few stipulations in annual revenue and how much consumer information the company holds, but suffice to say the law affects some 500,000 U.S. businesses across an array of industries, including those with no physical presence in California but maintain a website that serves Californians.
Once the law becomes enforceable, which is expected by next summer 2020, businesses that get a customer data request will have to comply within 45 days or risk very high fines. The law also threatens steep damages in the event of a data breach with can be as high as $7500 per affected person.
This requirement is a perfect opportunity for Certes Networks who provides customers with compliance software and hardware encryption appliances that can be seamlessly integrated into any network architecture without moving, replacing or disrupting the current network infrastructure.
Although there are still a few kinks to iron out, there is no doubt that this law is one of the strictest to go into effect in the U.S., in addition to the European Union’s General Data Protection Regulation, and will certainly set the standard for future U.S. data privacy regulations and best practices.