On January 1, 2020, the nation’s strictest data privacy law came into effect. Known as the CCPA for short, the California Consumer Privacy Act imposes sweeping data privacy requirements on companies nationwide when those companies collect the personal data of California residents. The law has a very broad scope and will apply to many companies that up until now have seen little, if any, data privacy regulation.
The CCPA governs the complete life cycle of data collection and use. It governs how companies may collect personal data, how they may use and transfer it, and what companies must do in the event of a breach. It also grants California residents a host of new individual rights.
Manufacturers of nearly all types may find themselves subject to the CCPA. This is especially true for manufacturers that collect information online, through the use of their products, or from potential or actual customers. Other manufacturers may find themselves subject to the CCPA through contracts with their upstream customers, by virtue of government contracts, by having employees located in California (remote or otherwise), or as a result of using personal data to test or design products. All these manufacturers now need to ensure compliance with CCPA both to avoid legal penalties and potential lawsuits and to remain competitive in a market that increasingly looks to data privacy when making purchasing decisions.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.