High urgency

California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General

Detected July 5, 2026 · in US State Data-Privacy Laws

The California Consumer Privacy Act (CCPA) has been updated with new regulations effective immediately, expanding requirements for data minimization, risk assessments, and opt-out signals like Global Privacy Control. Businesses must comply or face penalties.

Aforeworn detected this change in the US State Data-Privacy Laws space on July 5, 2026 and published this briefing so affected operators are forewarned rather than caught off guard. It is rated High urgency. Multistate retailers, adtech/data brokers, SaaS platforms, privacy consultants should confirm how it applies to their specific situation before acting. There is a time constraint attached: Immediate compliance expected; enforcement begins July 1, 2024.. Acting after that point can mean penalties, a lapsed licence, or lost eligibility — exactly the kind of surprise Aforeworn exists to prevent. Aforeworn monitors US State Data-Privacy Laws continuously and turns every detected change into a plain-English briefing like this one, so you always know first. Forewarned is forearmed.

What changed

New regulations mandate data minimization, risk assessments for automated decision-making (ADMT), and recognition of universal opt-out signals (e.g., Global Privacy Control).

Who it affects

Multistate retailers, adtech/data brokers, SaaS platforms, privacy consultants

What you must do

Update privacy policies, implement opt-out mechanisms, conduct risk assessments for ADMT, and ensure data minimization practices.

Deadline

Immediate compliance expected; enforcement begins July 1, 2024.

Source: https://oag.ca.gov/privacy/ccpa

Never miss a change like this again

Aforeworn watches US State Data-Privacy Laws around the clock and alerts you the moment a rule moves — with a plain-English brief on what to do.

Start your free trial

Related changes in US State Data-Privacy Laws