The California Consumer Privacy Act represents a continuation of a trend in California to enact laws designed to provide consumers online. While commentators often compare the “CCPA” to the General Data Protection Regulation in the European Union, the law is anything but such a stringent regulation. Let’s take a closer look at this legislation.
An Odd Beginning
The California Consumer Privacy Act is a bit of an odd bird. The law was not birthed through the usual process. A California representative did not introduce the bill to the legislature. No going through committees, revisions, and negotiations. Instead, the CCPA started as an initiative before evolving into law in a bizarre process.
Successful real estate investor Alastair Mactaggart and Mary Ross proposed a ballot initiative known as the California Consumer Privacy Act in the fall of 2017. In California, groups can bypass the traditional legislative process by taking potential laws directly to the voters.
The tech industry came out in force to oppose the proposed law. Then the Cambridge Analytica situation started getting publicity. As a quick summary, Cambridge was able to gain access to the data for some 87 million people through the Facebook system before the most recent Presidential election. Facebook users were stunned to learn their information was so easily compromised and used without their consent.
Opposition to the California Consumer Privacy Act Initiative vanished in the face of the Cambridge/Facebook backlash. Polls revealed the bill would almost certainly pass, leaving tech companies scrambling. In June of 2018, Mactaggart, Ross, and the California Legislature negotiated a deal wherein the initiative would be signed into law immediately. In exchange, particular provisions toned down or eliminated to make implementation a more viable option for businesses. Here’s an overview of where matters stand with the law now.