The California Consumer Privacy Act was passed unanimously yesterday after being introduced just one week ago.
Why the quick turnaround? Both state houses rushed the bill through to prevent an initiative from being put on November’s statewide ballot that called for even stricter regulations. The law emulates the EU’s recently passed GDPR.
What do the laws do: Californians will be able to see what data companies hold on them, request that their information be deleted, demand that it not be passed on to third parties, and, under some circumstances, even sue if it’s not handled appropriately. The regulations also limit denials of service based on unwillingness to have personal data tracked.
The national impact: It’s likely most companies affected by the new law won’t create a special service just for users in California. “I think it’s going to set the standard across the country that legislatures across the country will look to adopt in their own states,” Democratic state senator Bob Hertzberg told the Washington Post.
But … The laws don’t go into effect until 2020. That gives tech companies a long time to lobby against the regulations and potentially strip out the toughest measures.