Advertisement
  1. News
  2. /
  3. Business

Florida businesses: Are you ready for California’s new privacy law?

Beginning this month, businesses around the country are required to answer requests from Californians about personal data companies collect about them.
A big sea change in data privacy protection is ramping up in California, and many Florida businesses will soon feel its ripple effects. Pictured is a woman typing on a keyboard in October. [Jenny Kane| Associated Press] [JENNY KANE  |  AP]
A big sea change in data privacy protection is ramping up in California, and many Florida businesses will soon feel its ripple effects. Pictured is a woman typing on a keyboard in October. [Jenny Kane| Associated Press] [JENNY KANE | AP]
Published Jan. 16

A big change in data privacy protection is ramping up in California, and many Florida businesses will soon feel its effects.

Beginning this month, large businesses around the country that operate in California must disclose to their Golden State customers who ask for it any data the companies collect about them. Those customers can then request that the information be deleted or demand that it not be sold. Companies that fail to comply could face significant fees and penalties.

“Companies put themselves at risk if they develop a wait-and-see attitude” to the law, said Jack Clabby, a cybersecurity and privacy attorney in Tampa.

The law, called the “California Consumer Privacy Act,” is the first sweeping data privacy measure in the country. It is intended to give consumers more control over their personal data at a time when breaches are rampant and personal information is mined, sold and used in ways consumers have little say over. A recently proposed Florida bill seeks to take similar steps for consumer data privacy.

“The logistical challenges, independent of the legal challenges, are a significant undertaking for businesses who have to comply with the (act),” said Clabby, a lawyer with Carlton Fields, of the California law.

The law applies to for-profit companies that operate in California and meet one of three criteria: They have a gross annual revenue of at least $25 million; they buy, sell or share personal information for at least 50,000 California consumers; or they make at least half of their annual revenue by selling consumer data.

According to Clabby, hundreds of Florida businesses are expected to be affected by the law, including dozens of Tampa Bay-area companies.

The companies that the law covers are mostly large private and public companies with significant reach. A report by California’s attorney general estimated that compliance will cost businesses roughly $55 billion initially, and the U.S. Department of Justice expects between 15,000 and 400,000 businesses to be affected nationwide.

Fines for failing to comply range from $2,500 to $7,500 per violation.

California’s law provides a broad umbrella for what constitutes personal information, going beyond the typical name and driver’s license number to include information such as internet browser history, geolocation data and audio.

“All those kinds of information can be associated with a person and contain intensely private information,” said Jacob Snow, an attorney for the American Civil Liberties Union of Northern California who focuses on technology.

One of the most significant aspects of the California law is a clause that gives the state’s consumers the right to sue over a data breach that meets certain criteria. If they are successful, companies who expose consumer data could be forced to pay between $100 and $750 per Californian affected by a breach and any other fees the court deems appropriate.

California’s approach is starkly different from Florida’s. Like most states, Florida has few laws regulating data privacy. None allow consumers to fully understand where their data lives and to take it back as California’s does, though the Sunshine State does have a law requiring businesses to notify consumers after a data breach of a certain size.

“Outside of that, there isn’t anything that really requires (companies) to take reasonable measures to protect personally identifiable information,” said Sri Sridharan, director of Cyber Florida, the cybersecurity center housed at the University of South Florida.

A bill proposed recently by Sen. Doug Broxson, R-Gulf Breeze, would get Florida slightly closer to California’s law by requiring websites to tell Florida consumers what personal information it collects and let them opt out of the sale of their data.

According to Clabby, many Florida businesses may not even realize they could be subject to California’s law.

“There were companies who 12 months ago were aware of this and steadily worked toward compliance,” he said. But, “there are companies who found out about it only recently and will have to do some hustling to get themselves where they need to be.”

The regulation is widely considered to be the first in what will likely be a tide of similar state laws and potential federal legislation. That means companies will need to figure out how to comply with multiple laws and still do business effectively.

“You could end up with a federal floor and then still have different states that set different levels of privacy protections for consumers, even if those privacy levels conflict,” Clabby said. “It’s not what the regulation is, it’s having certainty so companies can plan their business activities.”

Some companies are expected to take a segmented approach for now, where they would have one division for California and one for the rest of the country, as many do to comply with Europe’s significantly more stringent data privacy laws.

Others, such as Microsoft, are complying with California’s law and offering the same protections to customers around the country.

YOU MIGHT ALSO LIKE

  1. Hyde House in Hyde Park Village on Tuesday, Feb. 25, 2020 in Tampa.  [MARTHA ASENCIO-RHINE  |  Times]
  2. FILE - In this Dec. 16, 2019, file photo, Disney CEO Robert Iger arrives at the world premiere of "Star Wars: The Rise of Skywalker", in Los Angeles  The Walt Disney Co. has named Bob Chapek CEO, replacing Bob Iger, effective immediately, the company announced Tuesday, Feb. 25, 2020.  (Jordan Strauss/Invision/AP, FIle) [JORDAN STRAUSS  |  Jordan Strauss/Invision/AP]
  3. In this June 17, 2019, file photo, a cashier displays a packet of tobacco-flavored Juul pods at a store in San Francisco. Investigators from 39 states will look into the marketing and sales of vaping products by Juul Labs, including whether the company targeted youths and made misleading claims about nicotine content in its devices, officials announced Tuesday. Juul released a statement saying it has halted television, print and digital advertising and eliminated most flavors in response to concerns by government officials and others.  (AP Photo/Samantha Maldonado, File) [SAMANTHA MALDONADO  |  AP]
  4. St. Petersburg-based Jabil said Tuesday it's projecting that the spread of the coronavirus will hurt its second-quarter performance. [Handout photo]
  5. The future site of Green Light Cinema at 221 Second Ave on Monday, Feb. 24, 2020 in St. Petersburg. The art house theater will be nestled between Pour Taproom and 2nd & Second. [MARTHA ASENCIO-RHINE  |  Times]
  6. Keesha Benson is director of Thrive By Five Pinellas for the Early Learning Coalition of Pinellas. (Early Learning Coalition of Pinellas photo) [Early Learning Coalition of Pinellas County]
  7. The H. Lee Moffitt Cancer Center & Research Institute purchased 775 acres in central Pasco County for a planned expansion. TIMES [VYCELLIX, A SWEDISH CANCER THERAPY RESEARCH COMPANY, IS SETTING UP ITS U.S. HEADQUARTERS NEAR THE H. LEE MOFFITT CANCER CENTER & RESEARCH INSTITUTE IN TAMPA. (TIMES FILES]
  8. Trader Gregory Rowe works on the floor of the New York Stock Exchange, Monday. Stocks are opening sharply lower on Wall Street, pushing the Dow Jones Industrial Average down more than 700 points, as virus cases spread beyond China, threatening to disrupt the global economy. (AP Photo/Richard Drew) [RICHARD DREW  |  AP]
  9. [Getty Images] [Getty Images]
  10. Tampa Bay Lightning owner Jeff Vinik  [Times staff]
  11. The empty property is home to cattle and egrets, but neighbors fear the new occupants — owners of 218 proposed town homes near Lake Thomas in Land O' Lakes. [C.T. BOWEN  |  Tampa Bay Times]
  12. A "for sale" sign beckons Friday along Sixth Avenue N in the Kenwood area of St. Petersburg. [CHRIS URSO  |  Times]
Advertisement
Advertisement
Advertisement