With numerous data breaches & growing privacy concerns governments have been stepping in to regulate big data companies like Google, Facebook, etc. California has recently enacted the "California Consumer Privacy Act" (CCPA) in its ongoing efforts to protect consumers from predatory practices. The CCPA goes into effect at beginning of 2020 (January 1st.)
There's already been huge revamps due to things like the "General Data Protection Regulation" (GDPR) that was enacted in Europe as most providers saw the writing on the wall & choose to apply GDPR rules to everyone regardless of country. With that being said I Google is now updating their terms to comply with CCPA as well which shouldn't be an issue.
The CCPA allows any California consumer to request to see all the information a company has saved on them. They can also demand to see a full list of all the third parties that data is shared with. The CCPA also allows consumers to sue companies if the privacy guidelines are violated, even if there is no data breach. It also introduces restricted data flows which means companies must be able to separate the data they collect in-order to separate what is considered sensitive data at the consumer's request. California consumers can also choose to deny companies from sharing their data with third parties entirely.
As usual there is no action necessary as these terms simply go into effect. If you wish to learn more about the CCPA you can go here
Below is the email sent out to G Suite administrators:
The California Consumer Privacy Act (CCPA) is a new data privacy law that applies to certain businesses which collect personal information from California residents. The new law goes into effect on January 1, 2020.
Google already offers data protection terms pursuant to the General Data Protection Regulation (GDPR) in Europe. We are now also offering service provider terms under the CCPA, which will supplement those existing data protection terms (revised to reflect the CCPA), effective January 1, 2020. For customers on our online contracts and updated platform contracts, the service provider terms will be incorporated into our existing contracts via the data protection terms. For such customers, there is no action required on your part to add the service provider terms into your contract.
These service provider terms will be made available alongside new tools for partners to enable restricted data processing. Restricted data processing is intended to help partners prepare for CCPA. Some partners may decide to send a restricted data processing signal for users who click a CCPA opt-out link. Other partners may decide to enable restricted data processing for all users in California via a control in our products. Subject to the service provider terms, we will act as your CCPA service provider with respect to data processed while restricted data processing is enabled. You can refer to this article for more information on restricted data processing and to determine whether restricted data processing meets your CCPA compliance needs. Please also refer to our Help Center articles for Ad Manager, AdMob, AdSense for more information on enabling restricted data processing.
Please see privacy.google.com/businesses for more information about Google’s data privacy policies.
©2019 Google LLC, used with permission. Google and the Google logo are registered trademarks of Google LLC.