California’s GDPR has become law

The California legislature passed the California Consumer Privacy Act, a sweeping new law that imposes stringent new GDPR-style privacy standards across sectors.

  • Beginning in January 2020, California consumers will be granted new rights regarding how businesses collect and use their personal data, including a “right-to-be-forgotten” in certain circumstances.
  • The law applies to businesses with annual gross revenues in excess of $25 million unless the activity is wholly outside of California.
  • A number of the Act’s provisions are similar— but not identical— to those in the EU General Data Protection Regulation (GDPR), which can present compliance challenges and puts a premium on early planning.

Learn more.

Back to top