Back to News

Could GDPR-Like Regulation Be Coming to the United States?

Published on

July 12, 2018

Those who learned harsh lessons about procrastination in compliance with the recent rollout of the European Union’s General Data Protection Regulation might want to start preparing for the first American law that resembles it.

California has recently enacted the California Consumer Privacy Act of 2018, which, as currently structured, is the broadest, most protective online data privacy regulation in the United States. While there is no such law in Pennsylvania and there hasn’t been any significant chatter about enacting one, the California law will affect anyone that directly or indirectly collects personal information from California residents.

The new law applies to entities conducting business in California that directly or indirectly control personal information collected from individuals residing in California. Personal information includes any information that directly or indirectly identifies, describes, or can reasonably be linked to a particular consumer or household.

Like GDPR, the CCPA requires companies to tell California residents what information the company is collecting, how it will use that information, and with whom it will be shared. It also gives those California residents the option to ask the company to delete or stop selling the information. Also like GDPR, the CCPA has a very broad definition of personal information that includes unique online identifiers such as IP addresses, browsing histories and location data. The inclusion of these unique identifiers means that the CCPA will require companies to give California residents the right to receive notice of what information is collected by the use of cookies and the right to ask the company to delete that information.

Unlike GDPR, the CCPA does not prevent the collection of personal information or give people the option to ask that their information stop being collected. However, much like GDPR, the new California privacy regulation will undoubtedly require companies to revamp their privacy policies, update them regularly and ensure the required notices are received at the right times.

While the CCPA passed in late June, it won’t go into effect until January 1, 2020, but that doesn’t mean companies doing business over the internet shouldn’t be prepared. In fact, companies would be well advised to educate themselves and prepare well ahead of that date. As we have seen with the implementation of GDPR, advance preparation is better than last-minute uncertainty.

For assistance with preparing for the CCPA, or with current compliance issues related to GDPR, please contact me.


Related News

View More News
Press Release
March 15, 2024

Barley Snyder Partner Jeff Lobach Selected to CPBJ Power 100 List for Fourth Consecutive Year

For Immediate Release York, PA – For the fourth consecutive year, par...

Learn More
Newsletter
February 23, 2024

Barley Snyder 2023 Year In Review

Check out what the professionals of Barley Snyder have been up to in 2023 a...

Learn More
Press Release
February 22, 2024

Barley Snyder Partner Jeremy Frey Admitted to Practice in Maryland

For Immediate Release  Hanover, Pa. – Barley Snyder is pleased ...

Learn More

Other Upcoming Events

View All Upcoming Events
May
02
8:00 am
-
10:30 am
event
Location

Wake Up With Barley – A Morning on Real Estate 2024

Learn More
May
10
12:00 pm
-
5:00 pm
event
Location

Title IX Training: New Regulations & Updates – An Extension of the Employment Law Seminar

Learn More
Apr
10
12:00 pm
-
6:00 pm
event
Location

LendiCon 2024

Learn More

Get in Touch

Our attorneys, paralegals and staff look forward to hearing from you. Please reach out to let us know how we can help.

Get In Touch
RECOGNIZED IN
Super Lawyers
Best Law Firms US News
Best Lawyers