By Philip L. Gordon and Andrew Gray on July 9, 2018
With the May 25, 2018 effective date of the European Union’s General Data Protection Regulation (GDPR) barely in the rear-view mirror, California’s Governor Jerry Brown, on June 28, 2018, signed into law the “California Consumer Privacy Act of 2018”1 (CCPA or “the Act”). The law flashed onto the scene after a concerned and wealthy California citizen funded, and obtained the approval of, a ballot initiative for a similar law to be placed on the November 2018 electoral ballot. The initiative’s backer used that approval as leverage in the waning days of June to force the California government to enact an alternative law in exchange for his withdrawal of the initiative from the November 2018 ballot before the June 30 publication deadline. The CCPA is aimed at granting individuals more control over their personal information and more insight into how businesses use and disclose their personal data.