California’s Attorney General to U.S. Senate: Don’t Preempt CCPA
Last week, California’s Attorney General Xavier Becerra testified before the U.S. Senate Committee on Commerce, Science, and Transportation in a hearing entitled, “Revisiting the Need for Data Privacy Legislation”. Becerra’s testimony included a request that the Senate not preempt the California Consumer Privacy Act (“CCPA”) by passing a federal data privacy law.
Becerra stated that “the optimal federal legal framework recognizes that privacy protections must keep pace with innovation, the hallmark of our data-driven economy. State law is the backbone of consumer privacy in the United States. Federal law serves as the glue that ties our communities together.” Becerra referred to CCPA as “a game changer” and pointed to examples of how the regulation has been and is being enforced against noncompliant companies.
He encouraged Congress to set a “federal privacy protection floor rather than a ceiling, allowing my state and others that may follow the opportunity to provide further protections tailored to our residents.” If they decide to draft mandatory federal data privacy legislation, Becerra suggested the committee to “look to the states as sources of nimble innovation and expertise in data privacy, and to value protections, like the CCPA, that states have already developed.” Additionally, Becerra recommended that, should a new federal law be drafted, it should include a “private right of action to complement and fortify the work of state enforcers.” Becerra considers such a measure to be critical to deterrence and the creation of meaningful consequences for noncompliant companies.
Given Becerra’s testimony, it appears that his position, and by extension that of California, is that while data privacy should be a concern of the federal government it is a matter best dealt with, and enforced by, state regulators.
California is one of the world’s largest economies, and the state holds significant sway regarding influencing regulations at the federal level. Becerra’s recommendations, if accepted by the U.S. Senate, likely mean that businesses will have to adapt to, and comply with, a 50-state data privacy framework, with a different approach in each state in which they’re doing business. Similar to how state tax laws work, each state could, in theory, draft its own law and enforce it, creating a tangled web of compliance. Companies operating in multiple states will need to adopt an ever-more-flexible approach to data privacy.
How can Clym help with CCPA compliance?
Clym believes in striking a balance between digital compliance and your business needs, which is why we offer businesses the following:
- All-in-one platform: One interface combining Privacy and Accessibility compliance with global regulations, at an affordable price;
- Seamless integration into your website;
- Adaptability to your users’ location and applicable regulation;
- Customizable branding;
- Ready Compliance: Covering 30+ data privacy regulations;
- Six preconfigured accessibility profiles, as well as 25+ display adjustments that allow visitors to customise their individual experience.