Lexology December 31, 2019
2018 – The Barometer Begins to Fall
The European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018, and introduced privacy concepts that were new to some U.S. businesses. Fortunately, the GDPR was developed over a period of time that allowed for thoughtful deliberation and careful drafting.
The California Consumer Privacy Act (CCPA), on the other hand, was speedily enacted under the threat of a ballot initiative. As a result, consumers and businesses alike have expressed concerns with many of the provisions and the legislature, to its credit, has attempted to correct some of those issues. Proposed regulations issued by the California Attorney General’s Office provide some clarity, but the consensus is that they fall short...