When California voters approved the California Privacy Rights Act of 2020 (CPRA), they signaled that the groundbreaking California Consumer Protection Act (CCPA)—the closest thing Americans have to the privacy protections enjoyed by individuals in Europe—was not enough. They wanted more consumer rights and more enforcement. They even created a brand new government entity, the California Privacy Protection Agency (CPPA), to regulate the new law’s provisions.
The annual budget for the agency tasked with regulating privacy in a state with a $3 trillion annual GDP and the home to more tech companies than any other: $10 million. Reading that ...