The California Consumer Privacy Act and the Future of Regulation
Friday, March 29, 2019
1:00 PM—4:00 PM
The George Washington University Law School
2000 H St NW
The Burns Building
Room 505, Faculty Conference Center
About the Event:
On June 28, 2018, California enacted the California Consumer Privacy act (CCPA), a law that will generally restrict businesses’ ability to collect and sell consumers “personal information.” The law has huge potential significance. Under the California law, any “business” that collects “personal information” of “consumers” must do three things: (1) give consumers notice (“the right to know”) in advance that businesses will collect their information; (2) provide consumers the “right to opt out” of the sale of their information; and (3) give consumers the “right to delete” information collected about them. Of even greater significance, the law will apply to any company that “collects the personal information of Californians, is for profit, does business in California, and satisfies one of three thresholds: (1) earns more than $25 million in annual gross revenues; (2) engages in buying, selling, or receipt of personal information of 50,000 or more California residents; or (3) derives more than 50 percent of its annual revenues from the sale of California residents’ personal information.” Thus, the jurisdiction CCPA claims is wide-reaching with the ability to impact all Internet-related businesses throughout the United States. Moreover, under the CCPA, the law permits enforcement actions to be brought either through the California Attorney General or by private right of action in 30-days where a data breach has occurred.
Given the significant implications of the California Consumer Privacy Act, the Federal Communications Law Journal will host a symposium focused on what the law means, how private entities, federal agencies, and Congress are may respond, and what a future privacy law (either CCPA or federal statute) would provide, and how it would interact with international privacy laws.