The compliance date for the California Consumer Privacy Act (CCPA) is less than one month away now, as it is expected to be enforced on July 1, 2020.
Are you ready for CCPA? As we published in our last blog about CCPA, despite COVID-19 pandemic, CCPA is set to move forward as scheduled on July 1, 2020, which means that the enforcement day is less than one month away now.
The CCPA was enacted in 2018 and it is the first law in the US to provide the consumers with privacy rights. It creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses.
Are CCPA’s requirements the same than the ones imposed by the GDPR?
Not exactly. There are some similarities and differences between the CCPA and the GDPR. For example, the CCPA requires to add a “Do Not Sell My Personal Information” link to the website, in relation to the sale of consumers’ personal information.
You can visit our CCPA vs GDPR blog for further information.
Should Europe and UK-based companies worry about the CCPA?
The CCPA applies to organisations that do business in California and even though it is not explicitly mentioned, it also seems to be applicable to those ones established outside of California if they collect, sell or disclose California consumers personal information while conducting business in California, so in a way similar to GDPR, CCPA is not only relevant for businesses based in the jurisdiction but also to any business that process (collect, sell, disclose) personal information from California resident consumers.
While the CCPA was enacted in 2018, it needed regulations from the attorney general in order to function properly. They were issued by the California AG on October 2019. Two set of modified Proposed Regulations have been released since then
How should I get ready?
Businesses subject to CCPA should run an audit to make sure their current processes and activities fit CCPA’s requirements, plus they should make any necessary changes before the enforcement date.