On June 28, California Gov. Jerry Brown signed AB 375—otherwise known as the California Consumer Privacy Act of 2018 into law.

The bill was rushed through the California Legislature to head off a more stringent law that was already slated to be on the ballot in November.

What does the CCPA do?

The CCPA is a consumer privacy law, modeled to a certain extent on the European Union's recently passed General Data Protection Regulation. It establishes requirements for certain companies with respect to how they collect, store and manage private user data. It also provides California consumers with specific rights with respect to their private data.

The CCPA provides for a $7,500 penalty per violation, which can be enforced by the California attorney general. It also includes a private right of action for certain violations and data breaches.

What information is considered personal information and subject to the CCPA?

The term “personal information” is defined very broadly. According to Blaine C. Kimrey writing for The National Law Review, the term “personal information” includes: