On June 28, 2018, the state of California adopted the strictest general privacy and data security law in the country. The “California Consumer Privacy Act” will become effective on January 1, 2020 and will transform how companies that handle consumer data will do business in California.

The Act will regulate the collection and sale of personal information by companies and will increase fines and penalties on businesses that fail to take “reasonable security measures” to safeguard Californian’s personal information. Businesses must notify consumers about the type of data they collect and must allow consumers the option to opt out of their personal information being sold or disclosed to third parties. California, already a popular venue for plaintiffs to file consumer privacy class action litigation, will likely see an increase in litigation when the Act becomes effective. This Act will apply to for-profit companies doing business in California that collect consumers’ personal information and exceed $25 million in gross revenue, handle the personal information of 50,000 or more consumers, devices or households, or derive more than 50% of their annual revenue from selling consumers personal information. Continue Reading