You have probably seen the website pop ups, “do you accept these cookies?” or even heard California and the EU have created privacy laws. Why should your company care about privacy when you are not based in Europe or California?
The Laws Probably Apply to You
Well, California and EU’s laws apply to any business that has customers in California or the EU. If your business has customers in California buying your products or is mainly online, where anyone in the world can view it, then these laws may apply to you and can result in serious fines. For example, failing to follow the California Consumer Privacy Act (“CCPA”) can result in up to $7,500 per an intentional violation. Sect. 1798.155(a)
More States, More Liability
Even if your company does not do business in California, the state has set a precedent many are following. Over 30 states have privacy bills introduced and many are already making it through their state’s legislature and could be enacted soon. Most states are using the CCPA to determine what privacy rights their state wants to provide. Thus, complying with the CCPA now will prevent your company from having issues later if your state’s privacy bill is passed. To see if your state could be next, visit The International Association of Privacy Professionals website.
Policies Keep Changing
Moreover, the privacy requirements keep changing. California already has a new privacy act, the California Privacy Rights Act (“CPRA”), that will go into effect on January 1, 2023.
You may be wondering, why start now when things keep changing?