Microsoft to Support CCPA Everywhere in the U.S.

Microsoft said today that it will support the California Consumer Privacy Act (CCPA) everywhere in the United States.

“In the absence of strong national legislation, California has enacted a landmark privacy law, known as the California Consumer Privacy Act, or CCPA, which goes into effect on January 1, 2020,” Microsoft corporate vice president Julie Brill writes in a new post to the Microsoft On the Issues Blog. “We are strong supporters of California’s new law and the expansion of privacy protections in the United States that it represents … Microsoft will provide effective transparency and control under CCPA to all people in the U.S.”

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

The CCPA is a set of strict rules designed to protect consumers and their personal data. However, the requirements are evolving, so Microsoft says that it will continue to monitor those changes to ensure that it is always in compliance. The long game, of course, is for pervasive privacy policies to be adopted at the national level.

“We are optimistic that the California Consumer Privacy Act—and the commitment we are making to extend its core rights more broadly—will help serve as a catalyst for even more comprehensive privacy legislation in the U.S.,” Brill notes. “As important a milestone as CCPA is, more remains to be done to provide the protection and transparency needed to give people confidence that businesses respect the privacy of their personal information and can be trusted to use it appropriately.”

Finally, Microsoft says it will also work to ensure that its enterprise customers are in compliance with the CCPA.

“Our goal is to help our customers understand how California’s new law affects their operations and provide the tools and guidance they will need to meet its requirements,” she adds.

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 14 comments

  • lvthunder

    Premium Member
    11 November, 2019 - 5:25 pm

    <p>This sounds like one of these laws that are out to get people (or in this case companies) that the lawmakers don't like. Statements like "The CCPA is a set of strict rules designed to protect consumers and their personal data. However, the requirements are evolving, so Microsoft says that it will continue to monitor those changes to ensure that it is always in compliance." is very worrisome. If the law is already passed why are the requirements evolving. The requirements should be in the law that was passed. So if it's not the lawmakers setting the requirements who is?</p>

    • chrisrut

      Premium Member
      11 November, 2019 - 5:49 pm

      <blockquote><em><a href="#488076">In reply to lvthunder:</a></em></blockquote><p>"Why are the requirements evolving?"</p><p><br></p><p>Because the technology is always evolving – and as I mentioned in my comment, social policy lags technology by years. </p>

      • lvthunder

        Premium Member
        11 November, 2019 - 6:40 pm

        <blockquote><em><a href="#488082">In reply to chrisrut:</a></em></blockquote><p>You need to write laws that are technology independent. Or pass new laws to supplement the older ones. Having open ended laws puts someone other then the elected officials in charge. That's where "the swamp" and "deep state" comes in. They are the ones that actually set the rules instead of the accountable elected officials.</p>

    • ebnador

      Premium Member
      11 November, 2019 - 5:49 pm

      <blockquote><em><a href="#488076">In reply to lvthunder:</a></em></blockquote><p>complicated laws usually "evolve" as edge cases and unintended consequences wind through the court. It's the court system that has to interpret what the law means . Lawmakers rarely write laws where everyone knows exactly what they need to do to comply.</p>

      • lvthunder

        Premium Member
        11 November, 2019 - 6:36 pm

        <blockquote><em><a href="#488083">In reply to ebnador:</a></em></blockquote><p>So you are saying lawmakers rarely write good laws.</p>

    • wright_is

      Premium Member
      12 November, 2019 - 3:02 am

      <blockquote><em><a href="#488076">In reply to lvthunder:</a></em></blockquote><p>Look at it in another domain, road use laws have been in place for decades, but they are often fine-tuned for edge cases. Then you have the surge in technology with self-driving cars, or self-braking, cars that communicate etc. The laws have to take that into consideration and whether the existing laws cover them or whether amendments are needed.</p><p>In Europe electric cars now have to make a noise when travelling under 30km/h to warn pedestrians that they are coming. There are still discussions going on about who is responsible if an autonomous vehicle has an accident, the driver? The company that sold the car? The developer of the software?</p><p>Or more mundane things, like making seatbelts compulsory, back in the 70s and 80s (at least here in Europe), high intensity rear lights for driving in fog and other reduced visibility situations; reflectors for parked vehicles, air bags, new cars having to have the equivalent of OnStar in Europe etc.</p><p>Tax laws change on an annual basis, here in Germany.</p><p>The world is constantly changing and the laws have to change to cope as new technologies make things possible that weren't even fantasy, when the laws were created.</p>

      • lvthunder

        Premium Member
        12 November, 2019 - 10:50 am

        <blockquote><em><a href="#488160">In reply to wright_is:</a></em></blockquote><p>I'm fine with laws changing if they are changed by the legislative process and they are clearly written. What I'm complaining about are laws that are written that leaves the details to be interpreted by un-elected bureaucrats.</p>

  • Winner

    11 November, 2019 - 5:42 pm

    <p>Good for Microsoft!</p>

  • chrisrut

    Premium Member
    11 November, 2019 - 5:42 pm

    <p>The punchline in talks to technology groups I've given this year is that I believe mental privacy needs to be explicitly protected in the Bill of Rights. </p><p><br></p><p>Consider this: it is well documented that computer-brain interfaces are under development. But while the public focus is on the benefits – most obviously the ability to help the visually and otherwise impaired regain functionality – said interfaces will inevitably become two-way: computers will be able to interject thoughts directly into human heads, bypassing the strictures of language and normal perception. That's not Sci-fi – that's easily foreseeable evolution of technology. </p><p><br></p><p>To what person, company, party, or nation would you grant that privilege? Then, consider that social policy ALWAYS lags technological capacity by many years… </p>

  • warren

    11 November, 2019 - 6:51 pm

    <p>This is sensible from a technological perspective — it'd actually be more work to enforce different levels of privacy laws on a state-by-state basis, given freedom of movement and all that.</p><p><br></p><p><br></p>

    • MikeGalos

      12 November, 2019 - 12:03 pm

      <blockquote><em><a href="#488092">In reply to warren:</a></em></blockquote><p>Yes and no. The points you make are reasons why it's easier to make one policy but the difficulty comes from each individual nation wanting to enforce the "local data" parts that say that data on their citizens or residents must reside on servers in that country aside from specific technical reasons for data moving out of the country on a case by case basis. That involves LOTS of additional server farms and each of those has additional local laws on other items. </p><p><br></p><p>I worked on one system as a consult where the client needed to keep data local in several countries they operated in but kept their technical support lines in their home country. To do that, the personal data was stored in the customer country and when a support person needed to access that data they had to use a system that would show them redacted data without private data. If they needed the private data (and usually did to ask the client questions) they had to fill out an incident screen identifying the data copied temporarily out of the customer country and the reason before they could see the unredacted data. </p>

  • MikeGalos

    11 November, 2019 - 7:14 pm

    <p>Any responses from Google. Apple, Facebook, Twitter or Thurrott.com/Petri on whether they're going to do the same?</p>

    • Brumfondl

      Premium Member
      12 November, 2019 - 1:05 am

      <blockquote><em><a href="#488095">In reply to MikeGalos:</a></em></blockquote><p>Apple, iirc, have instituted the GDPR world-wide already so I would wonder if the CCPA offers better, the same, or less protection.</p>

      • wright_is

        Premium Member
        12 November, 2019 - 3:03 am

        <blockquote><em><a href="#488158">In reply to Brumfondl:</a></em></blockquote><p>IIRC, it was based on GDPR, but was watered down a little bit, although much less than people feared or big IT had pleaded for.</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC