As the Jan. 1 effective date approaches for the nation’s toughest data privacy law, businesses have been waiting to see how the California Attorney General’s Office plans to enforce it.
They got an indication on Oct. 10, when the office released its proposed regulations for the California Consumer Privacy Act. The CCPA will require many businesses — even outside California — that handle Californians’ personal data to field requests about that data and notify consumers of their data handling practices, among many other obligations. Data privacy attorneys say the draft regulations help clarify the CCPA but also add more hurdles businesses must leap to comply with it.
According to a press release from the California Attorney General’s Office, “the regulations would address some of the open issues raised by the CCPA and would be subject to enforcement by the [California] Department of Justice with remedies provided under the law.”
Now that the office has revealed the draft regulations, it is accepting public comments on them until Dec. 6.
The CCPA, enacted last year, will grant Californians the right to opt-out of having businesses share or sell their personal data, and they may also have that data deleted by businesses and their service providers.