In January of 2020, the California Consumer Privacy Act (CCPA) takes effect, granting California residents the right to know what personal data is being stored by companies and providing the means to delete or opt-out of the sale and sharing of those data. If this sounds similar to Europe’s General Data Protection Regulation (GDPR) legislation, which took effect in 2018, that’s because the CCPA provides many similar protections. Even if you don’t live in California, because this law applies to for-profit companies who conduct business in the state (the world’s 5th largest economy), it will likely affect the way companies handle your personal data more broadly.
The CCPA provides some novel protections and powerful mechanisms for consumers to fight back against the wanton sharing of personal data. Importantly, the law broadens the definition of “sale” to include any sharing of personal data from which the company would gain valuable consideration. Companies are required to respect requests from individuals to opt-out of any sale of their data, and it prohibits businesses from discriminating against the people who exercise these rights. This legislation is an important step toward a future in which you have more agency and control over your digital identities, but it doesn’t prevent companies from collecting information about you. As individuals, we continue to be vulnerable to large-scale database breaches, which result from the centralization and warehousing of our personal information.
With Token, your credentials are stored locally on your personal device. We don’t seek to profit off of your personal information. Our vision is to help facilitate a world in which you decide what data about you are stored and where your information can only be shared with your knowledge and intent.
Want to talk more about privacy legislation? Connect with me on LinkedIn.
Sign up for the Token newsletter for the biggest news you missed in Identity, Security, and NFC, along with the latest Token product updates.