The California Constitution was amended in 1972 to include privacy as an inalienable right for all people. At the time, the focus was on affording individuals control over the use and sale of their personal information. Today, this inalienable right underpins the California Consumer Privacy Act of 2018 (CCPA), which has a significant impact in a global economy tethered by digital connections impervious to state, country, and continental boundaries.
CCPA goes into effect on January 1, 2020. It grants five rights to Californians: (1) the right to know what personal information is being collected about them; (2) the right to know whether their personal information is sold or disclosed and to whom; (3) the right to say no to the sale of personal information; (4) the right to access their personal information; and, (5) the right to equal service and price even if they exercise their privacy rights. For-profit businesses that have $25 million or more in gross annual revenues; receive or disclose personal information from 50,000 or more California residents, households or devices annually; or derive 50% or more of their annual revenue from selling Californian’s personal information are subject to CCPA.
Businesses face non-compliance penalties of $2,500 per violation or $7,500 per intentional violation. There are no caps to the total amount of a fine that can be issued, but businesses are given 30 days to remedy alleged violations before fines are assessed. Additionally, CCPA allows individuals to bring private suits against businesses for actual and/or statutory damages between $100 and $750 per incident.Businesses face non-compliance penalties of $2,500 per violation or $7,500 per intentional violation under the #CCPA. Click To Tweet
Complying with CCPA and other personal information privacy regulations, such as GDPR, is not optional. Businesses must dedicate time and resources to understand all related laws and regulations across the globe, as the rapidly evolving information and data privacy landscape are defining new rules for operations in the global digital economy.
This post was written in conjunction with the AOTMP® Efficiency First® Framework’s Risk Management and Regulatory Compliance core activities.
Efficiency First® Framework v3.0 is the standard for measuring Telecom / Mobility / IT Management Center of Excellence maturity. It defines a comprehensive set of strategic performance measures, tactical diagnostic measures, and best practice principles used to optimize Center of Excellence business value. Enterprise organizations adopt the Framework and vendors align solutions to Framework principles.