You must have noticed in the last year and a half or so an increased amount of websites asking you to approve that your data be collected, stored and processed, including sites where you already signed up years ago. This is the result of the European Union’s GDPR (General Data Protection Regulation) passed in 2016. It strengthens protection of private information and returns control to the individual. It also imposes harsh fines if breached. Add to that California’s new privacy law coming into effect on January 1, 2020. It is the enhanced version of the GRDP.
If your company meets any of the following criteria then your company will be under the scope of the new California law:
annual gross revenues that exceed $25M
handle, collect or gather personal information of 50,000+ consumers
households or devices
50% or more of your annual revenue comes from the sale of consumer information;
or you do business in California.
Steps in the right direct in for data privacy protection and for the benefit of all by all means, but it is feared the new law California may hinder commerce and become fertile ground for litigation where the slightest transactional contact in made with California.