AdvertisementCalifornia’s idea of PII is also somewhat broader, encompassing essentially any information that could be reasonably linked to a particular individual or household. Conversely, the Nevada law describes particular examples of information considered private, such as a consumer’s name, address, telephone number, Social Security number, and so on.
Formally in effect on October 1, SB 220 authorizes Nevada’s attorney general to bring legal action against operators of websites and apps that violate its requirements. Violators may be subject to injunctions and civil penalties of up to $5,000 per violation. The CCPA, meanwhile, goes into effect on January 1, 2020. The laws are a direct response by state lawmakers to sweeping privacy violations in recent years; from the litany of scandals at Facebook to the massive data breach at Equifax in 2017. The U.S. Congress has so far failed to pass any comprehensive legislation to protect American consumers’ data, despite public outcry and a series of record-breaking fines from regulators.
CCPA: What you need to know
AdvertisementTech companies have stepped up pressure on Congress to enact a national privacy law, arguing that the patchwork of state-level policies is expensive and too burdensome to follow. Privacy advocates say, however, that any law that makes it through Congress will be considerably weaker than those crafted by states. They also accuse major tech companies of pushing for a overriding federal law specifically for that reason.