WHAT IS CCPA?
The California Consumer Privacy Act (CCPA) is a sweeping set of regulations designed to protect consumers from abuses of the data gathered by companies they do business with and firms that sell data about people who visited their website. It went into effect on January 1st, 2020 and enforcement will begin on July 1st. The act imposes heavy fines – up to $7,500 per consumer, per incident. Under this new law the Equifax breach would have cost the company $132 billion in fines! CCPA regs are not final, but here is where they stand as of today.
WHO IS IMPACTED BY CCPA?
Your business is subject to the CCPA if one or more of the following are true:
- Has gross annual revenues in excess of $25 million,
- Buys, receives, or sells the personal information of 50,000 or more consumers, households, or devices,
- Derives 50% or more of annual revenues from selling consumers’ personal information.
What Does CCPA Require?
RIGHT TO NOTICE
RIGHT TO OPT OUT
RIGHT TO DELETION
RIGHT TO ACCESS
- categories of personal information collected including information about the categories of sources from which personal information is collected and the business or commercial purpose
- categories of third parties with which the business shares personal information
- specific pieces of personal information the business holds about a consumer
- If a business sells personal information or discloses it for business purposes, consumers have the right to request the categories of information so sold or disclosed.