Recent changes to California consumer privacy laws affect most e-commerce websites in the state, and it is critical for business owners who run e-commerce websites to understand consumer rights and business responsibilities. Whether you are currently running an e-commerce website or considering the possibility of launching one soon, you should seek advice from an experienced California business lawyer about the California Consumer Privacy Act of 2018 and Prop 24. Both laws expand consumer privacy rights, and it is important for companies to comply with these laws. Attorney Lynnette Ariathurai can assist you in drafting and updating business privacy policies to ensure that your company remains in compliance with current state law.
California Consumer Privacy Act of 2018
The California Consumer Privacy Act of 2018 (CCPA) took effect on January 1, 2020, and it impacts most e-commerce websites viewed by California residents if the business (i.e., the website owner) collects any information from the consumer either directly or indirectly and then sells the information. The responsibilities of e-commerce sites under the new law extend relatively widely because the definition of the word “sale” is defined broadly.
As a business owner, you should know that this law specifically lays out format requirements and provides detailed information to California residents about their privacy rights and how to exercise their rights. As such, businesses could face claims from informed consumers if they do not take steps to ensure that their privacy policies are in compliance.
Prop 24 Further Expands Consumer Privacy Rights
Beyond the California Consumer Privacy Act of 2018, Prop 24 also expands consumer privacy rights in the state. This law passed in November 2020. It amends the CCPA with a “more comprehensive privacy scheme,” according to Brookings, creating the California Privacy Rights Act (CPRA).
The new law requires businesses to protect personal information collected from consumers by “reasonably minimizing data collection, limiting data retention, and protecting data security.” It also requires businesses in California to “conduct privacy risk assessments and cybersecurity audits, and regularly submit them to regulators.” Consumers may also opt out of the sale or sharing of their personal data.
Contact a California Business Law Attorney for Assistance
Website owners and companies that engage in e-commerce need to work with an experienced California business lawyer to draft new policies or to update existing policies to guarantee compliance with new consumer privacy laws in California. Attorney Lynnette Ariathurai has years of experience representing business owners in Fremont, Hayward, San Leandro, Gilroy, Milpitas, Union City, East Bay, San Jose, Santa Clara, and Newark and can talk with you today about reviewing, drafting, and updating privacy policies for your website. Contact us to learn more.