CMG Risk Alert: California Consumer Privacy Act Deadline Less Than Six Months Away

CUNA Mutual Group published a Risk Alert Wednesday on the California Consumer Privacy Act (CCPA), effective January 1, 2020.  The CCPA provides broader rights to consumers and stricter compliance requirements for businesses, including credit unions, than any other current state or federal privacy law. You need to understand your compliance and operational obligations under the current state of CCPA, as well as monitor similar and evolving federal and state privacy proposals.

The CCPA - signed into law on June 28, 2018 with an effective date of January 1, 2020 - has sparked debate about the future of U.S. consumer data protections. The law which impacts approximately 40 million California residents, provides broader rights to consumers and stricter compliance requirements for businesses, including credit unions, than any other current state or federal privacy law. Adhering to privacy laws should be a collaborative effort among Chief Information Officers, IT teams, operational leaders, and legal / compliance teams. Efforts must be made to understand the context of data collection, processing, classification and use.

For example, CCPA introduces consumer rights about personal information:

  • The right to access and receive a copy of personal information collected by a business,
  • The right to say no to the sale of personal information,
  • The right to delete personal information,
  • The right to be informed of what categories of personal information will be collected prior to or at time of its collection, and
  • The right to opt-in before sale of a minor’s information (under the age of 16).

CMG members click here to access the full alert and resources.