The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. By that date, qualifying businesses need to make their data protection and user privacy policies compliant with the new regulations.
The CCPA is a state law that enhances privacy rights for California residents. One of the most critical facts to know is that the CCPA not only applies to consumers but also applies to for-profit businesses that conduct business in California. It is considered landmark legislation on data protection as it regulates what companies can do with the personal information they collect. The law gives residents rights to all personal information that businesses may have about them, including the right to have the data deleted. The CCPA also requires covered companies to disclose the intended use of personal consumer data.
While not as exacting as the GDPR, the CCPA has stricter mandates in some respects and broader implications in others. It only expressly protects Californian residents; however, the legislation may well be considered a US variant of the GDPR.
The challenge for businesses will be to understand how to translate consumer rights into their operations, processes, and practices to ensure compliance with the law. According to the 2019 Restaurant Technology Study, hotels and restaurants have made strides to protect their customers with security practices taken over the last 24 months. A trend that demonstrates how the hospitality industry is not only aware it must have a process for protecting consumer data, but that it's beginning to realize the benefits of putting the strategy into action.