Do your Clients Need to Comply with California Privacy Regulations?
You are probably aware that, in 2018, California passed the California Consumer Privacy Act (the “CCPA”) in order to enhance privacy rights and protections of consumers in California. This statute went into effect on January 1, 2020.
If you have any clients who do business with anyone in California, they must comply with the CCPA or face investigations from the California Office of the Attorney General and, possibly, large fines.
And even if your clients do not currently do business with anyone in California, consider that they may in the future, and or that they may not be aware of the residence of all of their consumers. If so, your clients might be subject to the CCPA.
Also, keep in mind that it is not just California consumers who have such protections.
California passed this legislation following the passage of similar, although less broad, legislation in Europe, the General Data Protection Regulation (“GDPR”), protecting consumers in Europe.
And many states beyond California are passing their own version of a privacy laws. Such statutes now exist in, at last count, Maine, Nevada, Massachusetts, Maryland, Oregon, Texas, Washington, New Jersey and New York.
New York’s Stop Hacks and Improve Electronic Data Security Act (the “SHIELD” Law) (which goes in effect in March 2020) is closest in breadth, and in some ways, even broader than, the CCPA.
In other words, it is not just California, but many other - and eventually, likely, all - states which are passing similar privacy laws.
So, even if your clients are not subject to the CCPA they need to be mindful of similar laws and regulations for other jurisdictions.
For more information about this article or other issues, please contact us, The Bachman Law Firm PLLC at firstname.lastname@example.org or 845-639-3210.