A little more than one month from implementation of GDPR, companies may be tempted to relax and exhale (and if GDPR is still causing you headaches, consult our checklist). After all, the U.S. couldn’t be crazy enough to implement something as onerous and difficult, right? RIGHT?!?
Enter California, which appears likely to place an initiative on the November 2018 ballot that could bring some familiar aspects of GDPR to the sixth largest economy in the world. The proposed initiative, the Consumer Right to Privacy Act of 2018 (the “CRPA”), still needs to obtain the necessary signatures to appear on the ballot and then be passed by a majority of California voters. However, given the high profile data misuse and breach stories in the news over the past several months, the possible passage of the initiative must be taken seriously.