CCPA Regulations, the Californian GDPR? California Attorney General releases draftRegulations under the California Consumer Privacy Act.
You think Data Privacy and Data Protection and it’s more than likely that the GDPR or the UK Data Protection Act 2018 will come to mind. This is because over the last few years significant strides have been made within the European Union and the United Kingdom as it relates to privacy rights in the today’s highly connected technological era. Yet while it seemed that regulations and restrictions were more centered towards the European countries, the recent introduction of the CCPA Regulation by California Attorney General Xavier Becerra will undoubtedly usher in privacy changes for the US and any company doing business with California citizens.
What is CCPA?
According to Office of the Attorney General California “the California Consumer Privacy Act (CCPA), creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses.”
As a result of the CCPA California-based consumers will now have the following rights:
- the right to request that a business that collects a consumer’s personal information disclose to that consumer the categories and specific pieces of personal information the business has collected.
- the right to request that a business delete any personal information about the consumer which the business has collected from the consumer.
- the right to request that a business that collects personal information about the consumer disclose to the consumer information related to the categories of personal information collected, the source of the information, the use of the information and, if the information was disclosed or sold to third parties.
- the right to request that a business that sells the consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer
- the right, at any time, to direct a business that sells personal information about the consumer to third parties not to sell the consumer’s personal information. This right may be referred to as the right to opt-out.
While the CCPA was enacted in 2018, Aphaia’s Managing Director Bostjan Makarovic explained that it needed regulations from the attorney general in order to function properly. Last week these much anticipated regulations were issued by the California AG.
CCPA Regulations Overview:
Known as the California Consumer Privacy Act Regulations these regulations govern compliance with the CCPA and violation of the regulations shall constitute a violation of the CCPA.
The following guidelines and requirements are detailed in the CCPA Regulations;
The regulations are expected to come into effect on January 1, 2020.
Will the CCPA affect Europe and UK-based companies?
Aphaia’s Managing Partner Bostjan says: “In a way similar to GDPR, CCPA is not only relevant for businesses based in the jurisdiction but also to any business that process (collect, sell, disclose) personal information from California resident consumers.”
