Guest Blog Post for Redwood Valley Technical Solutions by Donata Kalnenaite, Esq., CIPP
- Organizations inside of the EU;
- Organizations outside of the EU if they offer goods or services to EU residents or monitor the behavior of EU residents.
- The California Consumer Privacy Act passed recently and the law goes into effect on January 1, 2020. It applies to companies that do business in California and:
- Have annual gross revenue of more than $25,000,000;
- Annually buys or receives the PII of 50,000 or more California residents; or
- Derives more than 50% of its revenue from the selling of PII of California residents.
- Businesses in Nevada;
- Companies outside of Nevada who:
- Direct their activities to Nevada;
- Transact with Nevada consumers; or
- Are sufficiently connected to Nevada.
Other states, including Minnesota, are proposing privacy bills as well.
Note that a lot of these laws have provisions that would make them applicable to businesses outside of that particular state. When consumers search Google, they go to the website that answers their questions or fulfills their needs. Searches are not always by the location of the business. This means that these state-specific laws may apply to you regardless of your physical location.
The risks of non-compliance
About the author: Donata is the President of Termageddon and the engineer behind the policy questions and text. She is a licensed attorney and a certified information privacy professional. She often volunteers at the Illinois State Bar Association holding courses on the General Data Protection Regulation where she teaches other attorneys on the importance of privacy and what Privacy Policies should contain. This post is provided for informational purposes only and should not be considered legal advice.