Though CCPA went into force Jan.1, some of the law’s implications are already becoming clear.
First, privacy is not cheap. CCPA delegates rule-making authority (as well as enforcement) to the California Department of Justice.
The second lesson is that privacy laws are prolix. CCPA runs about 10,000 words. That virtually demands that businesses retain dedicated CCPA specialists to advise them — their own readings and the advice of non-specialist lawyers won’t cut it.
Finally, state heterogeneity in privacy law is now inevitable. Some states introduced their own clone-and-revise versions of CCPA in 2019, but none passed. A number of state legislatures will likely restart the CCPA clone-and-revise process in 2020.
Full article: What we’ve learned from California’s Consumer Privacy Act so far | TheHill