California Looks to Toughen New Data Privacy Law

California Looks to Toughen New Data Privacy Law

California consumers could gain even more power to sue companies for misusing their personal data under new bills introduced in the state legislature.

Set to go into effect in 2020, the California Consumer Privacy Act (CCPA) is considered the nation’s most far-reaching data privacy law.

Under the CCPA, consumers will be able to sue companies if they are found to be careless or negligent in a data breach.

New legislation would expand a consumer’s right to sue to include other violations under the law, even if they don’t result in a data breach.

Other new bills proposed in Sacramento go from minor technical amendments to the CCPA to more drastic changes, such as barring smart-speaker companies from storing or data mining voice recordings.

The law responds to several substantial data breaches in recent years including those at Target and Equifax.

A new survey made public on Tuesday by security and compliance firm TrustArc suggests a vast majority of companies still aren’t ready to be compliant with the 2020 law. The results show that 86% of respondents have not yet completed preparations.

Across the U.S., eight other states are using the California law as a model for their own legislation while a ninth is using the European Union’s data protection law as a blueprint.


Editorial credit: Twin Design /