To business owners who are still adjusting to the changes brought by the General Data Protection Regulation, the arrival of the CCPA has generated a whole new raft of questions.
To understand the new legislation and how it could impact your business, we’ve summarised the key differences and privacy considerations that you need to know for each law.
To address issues around the resale of people’s information, the CCPA introduced a set of consumer “rights” that businesses must respect:
Neither CalOPPA or CCPA require consent prior to the collection of personal data, unless that data belongs to a Californian resident under the age of 16.
The CalOPPA applies to any business or online service that collects “personally identifiable information” about Californian residents, regardless of their physical location.
Examples of personal information mentioned by the law include names, email addresses, phone numbers or any other information that can be combined with these to identify somebody (such as an IP address or cookies).
While most businesses are likely to be impacted by the CalOPPA, the CCPA is more targeted towards companies that process and profit off the personal information of consumers on a large scale.
It applies to any organisation that conducts business with Californian consumers and meets one of the following criteria:
An important caveat to note is that the CCPA also considers Internet, electronic network activity and biometric data to be personal information.
This may take some businesses by surprise, as the collection of data such as browsing history and even website server logs could now mean that they must comply with the CCPA.
The CCPA compliance requirements are essentially the same, with some extra stipulations.
While the enforcement date for the CCPA isn’t until July 1, 2020, many companies are scrambling to update their policies and practices to avoid the huge fines allotted by the regulation.
Under the CCPA, a “violation” of the law can be as simple as someone visiting your website and can cost you a fine of up to $7,500.
In an increasingly globalised marketplace, both the CalOPPA and CCPA have a far-reaching impact.
All website owners should be aware of how these new regulations could impact their business and the way they manage their customers’ personal data.