[thrmsforbfast]

Nope.

The bill defines covered entities in Sec. 2.(5)(A) and 2.(5)(B). In particular, companies with less than $50,000,000 in gross receipts and information on fewer than 1,000,000 customers are not covered by this legislation.

And even if those apply to your local coffee shop or whatever, Sec. 2(5)(B)(iii) further limits the definition of covered entity so that businesses that do not provide 3rd party access to information are not covered.

So Starbucks and other huge coffee chains/retail shops are the only organizations that would have to re-evaluate data collection from their public Wifi hotspots, and even then might be exempt depending on what they are collecting and how they are using that information. And, I should point out, these companies will need privacy experts on staff anyways, so this provision is highly unlikely to cause them to shutter their in-store Wifi networks...

Additionally, some of the more onerous requirements only apply to a subset of covered entities with yet larger gross receipts and yet larger numbers of tracked consumers.

But, unequivocally, your locally owned mom & pop coffee shop is excluded from consideration under this provision multiple times over.

[blululu]

Unless inflation happens... This only applies to big businesses now, but in 25 years it will start effecting medium sized firms and it will eventually hit small businesses. This will create a morass of bureaucratic regulations stifling entrepreneurship...

[ebullientocelot]

Granting the assumption of monotonically increasing inflation at a wild rate, this is still only true ceteris paribus. I can't imagine inflation that would make a small coffee shop chain into 50m/year revenue (customer floor requirement notwithstanding) would happen in a vacuum.

[anticensor]

What he means is regulatory inflation, not the monetary one. A few years later, the customer threshold would be amended to a few thousands, ten years later, the thresholds would be abolished.