Many U.S. companies may have to scramble to comply with California's new privacy law, which is slated to go into effect next year, a new survey suggests.
The law, passed last year, broadly allows consumers to learn what personal information about them is held by businesses, request deletion of that information, and to opt out of its sale.
The bill is slated to take effect January 1, 2020, with enforcement by the state Attorney General beginning next July.
Despite those upcoming deadlines, the law is still a work in progress. California lawmakers are currently considering a slate of possible amendments, and the state Attorney General has yet to issue regulations.
Last month, OneTrust and the International Association of Privacy Professionals surveyed 282 IAPP members about the new law.
Most (79%) said they believed the law will apply to their organizations, while 11% weren't sure. But only a slim majority (55%) of those groups (people who said the law will apply and those who said they don't know) predicted their companies will be ready by next January. A larger proportion (80%) anticipate that their organizations will be in compliance by July of 2020.
Congress is considering privacy legislation that could override the law in California, but only 14% of respondents think a federal law in the next two years is “very likely” or a sure thing.
Around one in three respondents said they thought there were even odds of federal legislation, while 47% believed legislation is unlikely.