New Californian data protection laws could herald changes for Federal US data protections laws.
At the annual Risk MAP 2019 Breakfast, held at the Radisson Blu Plaza earlier this week, Control Risks Senior Partner, Dane Chamorro, called on those doing business in the US to be mindful of the new Californian Data Protection Act and the California Consumer Privacy Act (CCPA).
“It’s our form of the GDPR [General Data Protection Regulation] and it grew out of the Facebook and the Cambridge Analytica scandal,” Chamorro explained. “It is about data privacy, and you’ve got a little over a year to get compliant with it before it’s finished in all of its forms.”
The GDPR will have been going for a year in May, with businesses that operate in the UK or that hold data on EU citizens having to comply with the EU regulation.
Chamorro explained that the Californian regulation is expected to come into effect in 2020. It is also expected this regulation will set the standard for data protection laws in other US states and may possibly lead to Federal-level data protection regulation.
It is expected the regulation will affect 500,000 businesses in the US.
While this regulation mirrors the GDPR when looking at the three major approaches to data protection regulation, Chamarro defined the US as seeing consumer data as a ‘commodity and something to be commercialised’, as opposed to the UK’s approach to data as something to be protected.
A Forbes article claimed that this regulation will be a wake-up call for anybody in tech business, stating that privacy regulation like this is ‘long overdue’.