California is Taking the Lead When it Comes to Data Privacy Protection with its Imminent Implementation of the California Consumer Privacy Act of 2018
California is taking the lead when it comes to data privacy protection. While the requirements of the California Consumer Privacy Act of 2018 are not as stringent as the European Union’s General Data Protection Requirements (GDPR), the state will require businesses to take several additional steps to safeguard consumer privacy.
California Consumer Privacy Act of 2018
Gov. Jerry Brown signed the California Consumer Privacy Act of 2018 (California Consumer Privacy Act) into law on June 28, 2018. Beginning January 1, 2020, consumers will have the right to request that a business to disclose the following:
The categories of personal information it has collected about that consumer;
The categories of sources from which the personal information is collected;
The business or commercial purpose for collecting or selling personal information;
The categories of third parties with whom the business shares personal information; and
The specific pieces of personal information it has collected about that consumer.
Like the GDPR, the new law creates a “right to be forgotten.” It specifically grants a consumer the right to request deletion of personal information and mandates businesses to delete such information upon receipt of a verified request. Consumers will also have the right to request that a business which sells the consumer’s personal information or discloses it for a business purpose, disclose the categories of information that it collects and categories of information and the identity of 3rd parties to which the information was sold or disclosed. Under California’s new privacy law, a business will be required to provide this information within 45 days of receiving a verifiable consumer request.
The California Consumer Privacy Act also authorizes a consumer to opt out of the sale of personal information by a business and prohibits the business from discriminating against the consumer for exercising this right, including by charging the consumer who opts out a different price or providing the consumer a different quality of goods or services, except if the difference is reasonably related to value provided by the consumer’s data. At the same time, the new law does authorize businesses to offer financial incentives for the collection of personal information. Additionally, California’s new privacy law bans businesses from selling the personal information of a consumer under 16 years of age, unless the children or their parents expressly opt in.
Businesses must also take certain steps to inform consumers about their privacy rights. For instance, they must provide a clear and conspicuous link on their Internet homepage, titled “Do Not Sell My Personal Information,” to a separate Web page that enables a consumer, or a person authorized by the consumer, to opt out of the sale of the consumer’s personal information. A business may not require a consumer to create an account in order to direct the business not to sell the consumer’s personal information. The law also mandates that businesses provide at least two methods for consumers to make requests for information required to be disclosed (at a minimum a toll-free telephone number and, if applicable, a Web site address).
Under the law, civil penalties of up to $7,500 may be imposed per violation. When a breach of personal information occurs, the law entitles aggrieved consumers to statutory damages of no less than $100 and no more than $750 per consumer per incident, or actual damages, whichever is greater.
Businesses Subject to this California Law
The California Consumer Privacy Act won’t just impact businesses that call California home. The law applies to any for-profit business entities that do business in California, collects consumers’ personal information, and meets one or more of the following criteria: (1) have annual gross revenues greater than twenty-five million dollars ($25,000,000); (2) buy, receive, sell, or share personal information of 50,000 or more consumers annually; or (3) derive 50 percent or more of its annual revenues from selling consumers’ personal information. A “consumer” is defined as a natural person who is a California resident and includes California residents while they are traveling.
According to the International Association of Privacy Professionals, more than 500,000 U.S. businesses will fall under the purview of the new privacy law. Because many large businesses have taken steps to comply with GDPR, they should be in a good position to meet the new requirements of California’s privacy law. However, small and medium-sized businesses that are not subject to the GDPR should begin the process of reviewing their privacy policies and procedures to ensure they prepared to comply with the California Consumer Privacy Act by the end of this year.
Businesses should also closely monitor other state-level privacy laws that may impact their operations.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, David Einhorn, or the Scarinci Hollenbeck attorney with whom you work, at 201-806-3364.
Supreme Court and Title VII: Implications for Reverse Discrimination
Earlier this month, the U.S. Supreme Court issued a decision in Ames v. Ohio Department of Youth Services vitiating the so-called “background circumstances” test required by half of federal circuit courts.1 The background circumstances test required majority group plaintiffs pleading discrimination under Title VII of the Civil Rights Act to meet a heightened pleading standard […]
Special purpose acquisition companies (better known as SPACs) appear to be making a comeback. SPAC offerings for 2025 have already nearly surpassed last year’s totals, with additional transactions in the pipeline. SPACs last experienced a boom between 2020–2021, with approximately 600 U.S. companies raising a record $163 billion in 2021. Notable companies that went public […]
Short Form Merger: Streamlining the Process for Businesses
Merging two companies is a complex legal and business transaction. A short form merger, in which an acquiring company merges with a subsidiary corporation, offers a more streamlined process that involves important corporate governance considerations. A short form merger, in which an acquiring company merges with a subsidiary corporation, offers a more streamlined process. However, […]
Tariff Response Options for Small Businesses Facing Financial Distress
The Trump Administration’s new tariffs are having an oversized impact on small businesses, which already tend to operate on razor thin margins. Many businesses have been forced to raise prices, find new suppliers, lay off staff, and delay growth plans. For businesses facing even more dire financial circumstances, there are additional tariff response options, including […]
Common Causes of Partnership Disputes and How to Resolve Them
Business partnerships, much like marriages, function exceptionally well when partners are aligned but can become challenging when disagreements arise. Partnership disputes often stem from conflicts over business strategy, financial management, and unclear role definitions among partners. Understanding Business Partnership Conflicts Partnership conflicts place significant stress on businesses, making proactive measures essential. Partnerships should establish detailed […]
Businesses Are Facing Financial Headwinds—A Practical Guide
*** The original article was featured on Bloomberg Tax, April 28, 2025 — As a tax attorney who spends much of my time helping people and companies who have large, unresolved issues with the IRS or one or more state tax departments, it often occurs to me that the best service that I can provide […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
