In the last few weeks you, like me, may have seen an unusual number of emails in your inbox from companies notifying you of recent changes to their privacy policies. This is not a coincidence. It is in response to the California Consumer Privacy Act (“CCPA”), which is set to go into effect on January 1, 2020.
The CCPA is widely acknowledged to be the most comprehensive piece of privacy legislation in the United States. The fact that it was passed in California—the epicenter of big tech in the United States—is at once understandable and surprising, given the political heft of that industry both in California and at the federal level.
Regardless of your thoughts on the politics of the CCPA, if you’re a Washington business owner, you’re probably wondering why it matters to you—after all, it’s a California law. While true, the CCPA will apply to certain companies that do business in California, regardless of whether the company is based in California or elsewhere, and for that reason all Washington companies doing business in California or planning to in the future should be aware of their obligations, to the extent they have any, under the CCPA.
Even if your company does no business in California, the CCPA should still be on your radar. As I’ve written elsewhere on this blog, California is regularly at the vanguard of setting policy that is later adopted by other states. With Seattle and the Puget Sound region emerging as a Silicon Valley competitor, Washington has a particularly strong incentive to keep pace with California as it competes for top tech talent.
If you need a reminder of this, look no further than Washington’s recent legislative restrictions on employee non-compete agreements (employee non-competes are largely banned in California.)