Universal Article/Blog/News module
What is The California Consumer Privacy Act?
The California Consumer Privacy Act came into being as a means to enforce privacy rights and consumer protection. This act of parliament was submitted on June 28, 2018, in California, United States. A point to remember is that it only applies to people living in the state of California.
As per the California Consumer Privacy Act, companies should make their consumers aware of how and what their data is being used for. Besides, it states that companies should give their consumers power over the way their information is being used.
Not only does it create awareness amongst people, but it also helps inform the respondents whether their data is being shared or not. The CCPA guarantees California residents an opportunity to unsubscribe from wherever they dislike. Without any further ado, here's a detailed insight into the California Consumer Privacy Act.
Understanding the CCPA Compliance:
The CCPA compliance first came into being by January 1, 2020. But, enforcement of this law began as of July 1. As stated earlier, this legislation applies specifically and only to the residents of California. So how do you become a part of this act? What rights does the CCPA provide? What kind of data does the CCPA cover? If you're wondering all this, here's what CCPA compliance is all about.
Companies Affected by the CCPA
The companies with over $24 million in yearly revenues have to abide by the California Consumer Privacy Act. Moreover, companies that have collected data of over 50,000 users or devices should also obey this law. In addition, companies that gain over 50% profit from selling the data of the respondents have to follow this act as well.
To avoid violation of the CCPA, companies in California are given a notification or a reminder to obey this law within 30 days. Failure to do so would result in hefty penalties, going as high as $7,500 per violation. Keep in mind that this bill was noticed and passed in just a week. This indicates that there will be many changes in this law in the coming future.
Obligations for Businesses
- Under the CCPA, there are certain responsibilities that businesses must keep in mind.
- Companies are required to let the respondents know their information is being gathered.
- Add links to your websites or apps which forbids selling data of any kind. This will help your consumers know their rights.
- Companies must reply to their customers' requests regarding this act on time.
- The identity of those customers' who made certain requests must be known.
- A record regarding the requests must be noted. You must also keep track of the way your company responded.
- Data inventories must be appropriately managed.
- Privacy policies and such practices must be revealed.
3. Data Coverage of CCPA
Compared to the GDPR, the CCPA handles and focuses on much more sensitive data.
It covers the browsing history, visitor relationship with a website, and also olfactory details.
It covers the real name, postal address, personal identifier, online identifier, email address, account name, license number, passport number, social security number, and other identifiers.
- Coverage of geolocation data.
- Classification traits of California
- Information regarding the property, buying products, and such a history of services you purchased.
- Information regarding profession or employment.
- Electronic, visual, or audio information.
- Other details regarding your education.
Initially, CCPA was required to cover not only the employee but also consumer data. This April, a similar bill was passed, but it failed to cover employee data. However, one more bill, AB 25, was passed. This bill excludes collected information from directors, owners, officers, and contractors. This exclusion was to occur on January 1, but the bill, AB 25, was still yet to be signed by the governor.
4. Your CCPA Rights
- You have the right to access your details.
- If you choose to delete any personal information, you are allowed to do so.
- If you dislike your data being sold, you have the right to forbid it.
- You have an equal opportunity to practice your CCPA rights.
- Compliance – GDPR applies to only those companies that work under the European Union. On the other hand, CCPA applies to those companies that gather personal information.
- Right to data – Comparatively, GDPR provides consumers more details regarding their personal information.
- Opt-in and Opt-out – For GDPR consumers, it is necessary to opt-in when communicating in different methods. Although CCPA individuals are given the choice to opt-out; whenever they make a purchase, they still opt-in.
- Fines – Companies are fined for 4% of their annual income under GDPR. This means about $20 million. So far, British Airways has been fined for $138 million, and a hotel group Marriott was fined for $99 million.
CCPA Versus GDPR
CCPA is new legislation. This means it consists of much smaller fines up to $2500 per unintentional violation of this act. If the violation of this law was on purpose, you could be fined up to $7,500.
- The California Consumer Privacy Act enforces privacy rights and Consumer protection.
- This law applies to companies having $25 million income or data of 50,000 consumers.
- Companies are to inform customers of their collected data.
- CCPA covers personal information, public information, location, social and educational information.
- You have the right to access, delete, and forbid your information.
The California Consumer Privacy Act was passed within a week with the primary aim of enforcing privacy rights and consumer protection. This is because many companies opposed other acts that were too strict. CCPA was so far the only acceptable law. Companies are still advised to abide by this law and practice it to avoid any future penalties.
In managing the privacy of consumers, this act certainly works well. This legislation helps strengthen the data security of many companies.