Microsoft will honor Californian privacy laws across the entire US
Microsoft has announced that it plans to honor the California Consumer Privacy Act (CCPA) across the whole of the United States, not just in California.
In Europe, GDPR (General Data Protection Regulation) has done a lot to protect people's privacy, and some companies have opted to voluntarily apply similar policies in the US. Microsoft, however, is the first major US company to say it will expand CCPA outside of its home state, bringing greater privacy protection to people across America.
- Microsoft listens to feedback and removes Downloads folder from Disk Cleanup
- Microsoft's Surface Pro X is better than any iPad*
- Microsoft kills off the Skip Ahead ring for Windows Insiders -- what does this mean for you?
Microsoft made the announcement in a blog post in which it derides "the lack of action by the United States Congress to pass comprehensive privacy legislation". The company welcomes the progress made in California, where CCPA is due to come into force from January 1, 2020.
Julie Brill, corporate vice president for global privacy and regulatory affairs and chief privacy officer at Microsoft, explains that, just as it did with GDPR, the company will be expanding CCPA further. She writes:
CCPA marks an important step toward providing people with more robust control over their data in the United States. It also shows that we can make progress to strengthen privacy protections in this country at the state level even when Congress can't or won't act.
We are strong supporters of California's new law and the expansion of privacy protections in the United States that it represents. Our approach to privacy starts with the belief that privacy is a fundamental human right and includes our commitment to provide robust protection for every individual. This is why, in 2018, we were the first company to voluntarily extend the core data privacy rights included in the European Union's General Data Protection Regulation (GDPR) to customers around the world, not just to those in the EU who are covered by the regulation. Similarly, we will extend CCPA's core rights for people to control their data to all our customers in the US.
Brill goes on to explain: "Under CCPA, companies must be transparent about data collection and use, and provide people with the option to prevent their personal information from being sold. Exactly what will be required under CCPA to accomplish these goals is still developing. Microsoft will continue to monitor those changes, and make the adjustments needed to provide effective transparency and control under CCPA to all people in the US. While many of our customers and users will find that the data controls we already offer them through our GDPR commitment will be stronger than those rights offered by the new California law, we hope this step will show our commitment to supporting states as they enact laws that take us in the right direction".