What is the California Consumer Privacy Act?

Last night, California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018. This is a first of its kind US privacy law will give California residents new online privacy protections and will dramatically impact how companies handle their data.


Much like the EU’s GDPR, businesses across the U.S. and around the globe will need to assess how they collect, process and share California resident personal data.

The new Act goes into effect on January 1, 2020, and while we expect requirements may change and new guidance will come, here is a breakdown of few of the elements of the new Act:

  • Right to Request Information: A consumer has the right to access the data a company has on them, a business must inform a consumer the purposes of the data they are collecting, and businesses must provide this information to a consumer upon requests. Consumers also have the right to know if their data is being sold and for what purpose.
  • Right of Deletion: Consumers have the right to request the deletion of their personal data.
  • Right to ‘Opt-Out’: Consumers can ask the business not to sell their personal data and opt-out of these purposes.

While we anticipate that changes and guidance for the California Consumer Privacy Act is likely to come, OneTrust will continue to update you on the latest news and develop our solutions to assist in the compliance of this and other global privacy regulations.

If you want to learn more about the California Consumer Privacy Act of 2018, register for our upcoming webinars and visit our website.

  • Tuesday July 3, 9:00 PDT, 12:00 ET, 17:00 BST
  • Thursday July 5, 7:00 PDT, 10:00 EDT, 15:00 BST