The California Consumer Privacy Act, (CCPA), is a set of legislations brought into law in June 2018 driven by the continued rise in consumer data breaches and growing privacy concerns of individuals.
CCPA concentrates upon entities processing personal information with annual gross revenue in excess of $25 million or who annually buy or sell for commercial purposes, information of 50,000 or more Californians, households or devices (or organisations that derive 50% or more annual revenue from selling such information).
CCPA gives individuals the right to bring a civil action against companies that violate the law and states that damages will be between $100 and $750 – or higher, if there is more proof of extensive damage. In addition, the state can bring charges against a company directly, levying a $7,500 fine for each alleged violation that isn’t addressed within 30 days.
There is also a separate bill still under consideration in California, AB-2546, targeted at strengthening anti-spam laws and moving California – and in effect the rest of America, away from opt-out marketing permissions.