Microsoft commits to honouring California Consumer Privacy Act nationwide

It's the first company to make such a promise, but it might not be as rose-tinted as it seems

Microsoft has announced its commitment to honouring the principles of the upcoming California Consumer Privacy Act (CCPA) nationwide, the first big technology firm to do so.

It cited the success of Europe's General Data Protection Regulation (GDPR) as a key motivator in its decision to support the "landmark privacy law", adding that privacy should be seen more as a human right that shouldn't be violated.

The CCPA is due to take effect in the west coast state on 1 January 2020. Similar to the motivations of GDPR, the CCPA aims to introduce more robust rules to protect the privacy of California's citizens and compel companies to be more transparent in the way they handle their customers' data.

Also, like the GDPR, the CCPA will financially punish companies that suffer from damaging data incidents. Companies found to be breaching the CCPA could be fined up to $2,500 per violation or up to $7,500 if it's clear the violation was intentional.

Victims will also be afforded the right to file a class-action lawsuit against the offending company for damages ranging between $100 and $750. Businesses also have 30 days to rectify any incidents that fall foul of the CCPA's rules.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Although California citizens will have the legal right to hold companies to account, Microsoft customers outside of the state will have to simply rely on the company's promise.

"While many of our customers and users will find that the data controls we already offer them through our GDPR commitment will be stronger than those rights offered by the new California law, we hope this step will show our commitment to supporting states as they enact laws that take us in the right direction," said Microsoft in a blog post.

"We are optimistic that the California Consumer Privacy Act - and the commitment we are making to extend its core rights more broadly - will help serve as a catalyst for even more comprehensive privacy legislation in the US.

"As important a milestone as CCPA is, more remains to be done to provide the protection and transparency needed to give people confidence that businesses respect the privacy of their personal information and can be trusted to use it appropriately."

Related Resource

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

However, Microsoft's commitment may not be as transformative as the company may wish to communicate. An individual close to the matter told Reuters that Microsoft will have a much easier time of committing to such data protection laws due to the way it structures its business divisions.

Advertisement - Article continues below

Many of its data-collecting divisions which include the likes of Edge, Cortana, Windows, Skype and Xbox Live can be classified as service providers - a type of business that is given special consideration under data protection laws.

For example, a business that shares an individual's data with a third-party company may be required to disclose that information with its customers in addition to providing them with advanced notice that the data may be sold or shared.

The same rules don't always apply to service providers receiving data from other businesses and those disclosure clauses may not be triggered, making it easier to comply with data protection law without having to drastically revamp the company's day-to-day operations.

It's believed that other states will enact their own privacy laws before Congress gets around to passing its own national law. The states of Washington and New York are both working on getting their own privacy laws through their respective legislatures and these will probably have different conditions to California's.

This means Microsoft will have to also commit to honouring these different rules if or when they are introduced which could prove to be a challenging feat.

Featured Resources

Transform the operator experience with enhanced automation & analytics

Bring networking into the digital era

Download now

Artificially intelligent data centres

How the C-Suite is embracing continuous change to drive value

Download now

Deliver secure automated multicloud for containers with Red Hat and Juniper

Learn how to get started with the multicloud enabler from Red Hat and Juniper

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now
Advertisement

Recommended

Visit/backup/33385/arcserve-udp-9240dr-review-beef-up-your-backups
backup

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354193/buy-it-to-grow-not-slow-your-business
Sponsored

Buy IT to grow, not slow, your business

25 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019