California vs. Surveillance Capitalism: How CCPA Became the De Facto Privacy Law of the United States

In June 2018, a retired real estate developer named Alastair Mactaggart spent $3 million of his own money to put a ballot initiative before California voters. The initiative was simple: Californians should have the right to know what data companies collect about them, the right to delete it, and the right to stop its sale. Tech companies panicked. They spent $45 million lobbying against it. They failed. CCPA passed. That moment — a single wealthy citizen outmaneuvering the entire US tech lobby — tells you everything about how American privacy law gets made. Not through Congress. Not through comprehensive federal legislation. Through California, acting unilaterally, setting a standard that the rest of the country is forced to follow. This is the story of how CCPA became the closest thing America has to a privacy constitution — and why it's still not enough. The California Difference The California Consumer Privacy Act was signed into law on June 28, 2018, and took effect January 1, 2020