Silicon Valley is terrified.
In a little over three months, California will see the widest-sweeping state-wide changes to its privacy law in years. California’s Consumer Privacy Act (CCPA) kicks in on January 1 and rolls out sweeping new privacy benefits to the state’s 40 million residents — and every tech company in Silicon Valley.
California’s law is similar to Europe’s GDPR. It grants state consumers a right to know what information companies have on them, a right to have that information deleted and the right to opt-out of the sale of that information.
For California residents, these are extremely powerful provisions that allow consumers access to their own information from companies that collect an increasingly alarming amount of data on their users. Look no further than Cambridge Analytica, which saw Facebook profile page data weaponized and used against millions to try to sway an election. And given some of the heavy fines levied in recent months under GDPR, tech companies will have to brace for more fines when the enforcement provision kicks in six months later.
No wonder the law has Silicon Valley shaking in its boots. It absolutely should.
It’s no surprise that some of the largest tech companies in the U.S. — most of which are located in California — lobbied to weaken the CCPA’s provisions. These companies don’t want to be on the hook for having to deal with what they see as burdensome requests enshrined in the state’s new law any more than they currently are for Europeans with GDPR.
Despite the extensive lobbying, California’s legislature passed the bill with minor amendments, much to the chagrin of tech companies in the state.