If a company has not begun to prepare for compliance with the California Consumer Protection Act, it should. The effective date of January 1, 2020, is approaching quickly, and the law’s various obligations will take time to implement. This two-part article series addresses why and how to prepare for this expansive regulation. Part one explains why companies need to start preparing immediately, what the project’s scope and timeline should look like and how to obtain buy-in, and clarifies many misunderstandings that cause some companies to think the law does not apply to them. Part two will address operational best practices in setting up CCPA compliance, enforcement expectations and differences between the CCPA and the GDPR. See also “What to Expect From California’s Expansive Privacy Legislation” (Jul. 18, 2018).