November 14, 2020
Recommended / Technology

Consumer Data Privacy: California Prop. 24

Written by Jeff Gaines

California Proposition 24, an initiative designed to expand the state’s consumer data privacy laws, was approved by voters earlier this month. Prop. 24 will establish the California Privacy Rights Act, which aims to build on the 2019 California Consumer Privacy Act. The CCPA intended to give consumers basic rights to data privacy, including the right to be informed when data is being collected and the right to refuse the selling of personal data, among others. However, in practice, the CCPA  ended up functioning more as an ideal than a law, allowing companies to dodge the regulations by claiming things as simple as the fact that their business model did not match the one presented in the law. The California Privacy Rights Act will redefine many of the rights and regulations outlined in the CCPA in order to reduce the exploitation seen under the CCPA, as well as creating a state agency, the Privacy Protection Agency, to enforce the new privacy standards. It will also make it far easier for users to opt-out of data collection as well as reducing the time allotted for companies to fix their mistakes, but the exact details of how this law will play out are largely unknown; until it goes into effect in 2023 the law will stay a plan of action.

Compliance Under the CPRA

The most notable aspect of the California Privacy Rights Act is the creation of the Privacy Protection Agency. In the California Consumer Privacy Act, the enforcement of privacy standards fell to the Attorney General’s office. A state agency dedicated to the necessary enforcements for privacy regulation will allow for much more enforcement to take place. The agency’s interpretation and application of the CPRA will determine the outright impact of the law. 

Despite the time needed for the new law to go into action, its ambition will likely set the standard for data protection across the country. A major concern for businesses is the monetary cost of compliance with the new standards, but the change should not be monumental for those that strictly followed the regulations presented in the CCPA.  The CPRA is the strongest privacy protection law in the country; it targets the companies that dodged the CCPA and aims, above all else, to protect users. Also, it is similar in its strength to the European Union’s General Data Protection Regulation. Unsurprisingly, this law will affect the majority of businesses, from giants like Apple to small online businesses, but once again the exact details will not be seen until 2023.   

As far as support goes, most tech giants have been silent on the issue, as the proposition is not inherently bad for business. The majority of debate has been between consumer data protection advocacy groups. Regardless of how the law plays out, it marks a turning point in consumer data privacy and proves that the issues it faces are ones that need to be addressed. 

To stay connected with the latest news in data privacy, check out our IT Blog. You can also follow us on LinkedIn.

To learn more about how Interlaced can help your business with data privacy and information technology services, visit, or email us at today!

Jeff Gaines

Jeff Gaines

Jeff has served as an operating executive at Interlaced since 2016. He is deeply passionate about driving impact for Interlaced, for his community, and for his loved ones. In his spare time, Jeff loves spending time with his wife and son at the world famous San Diego Zoo, enjoying tacos on the beach in Baja, cheering on the San Diego Padres, adventuring outdoors and playing music with friends. Jeff’s top 3 films of all time are Point Break (the original), Road House and Field of Dreams.