California's Drop Platform Launches: What Enterprise B2B SaaS Companies Need To Know About Data Deletion Compliance
Security Boulevard, Monday, January 5th, 2026
California residents can now delete their personal data from over 545 registered data brokers with a single click. The Delete Request and Opt-out Platform (DROP), which went live on January 1, 2026, represents the most ambitious consumer privacy initiative in U.S. history.
But while headlines focus on consumer empowerment and data broker obligations, enterprise B2B SaaS companies face an equally important question: Is your identity infrastructure ready for the broader compliance implications this law represents?
Understanding DROP: The One-Click Data Deletion Revolution
California's Delete Act (SB 362) created DROP-a centralized platform where California residents can request deletion of their personal information across all registered data brokers through a single request. Starting August 1, 2026, data brokers must check the platform at least every 45 days and delete any matched consumer data within that timeframe, with fines of $200 per deletion request, per day for non-compliance.