California Consumer Privacy Act (CCPA)

What is the California Consumer Privacy Act (CCPA)?

‍

The California Consumer Privacy Act is a state statute passed in 2018. It gives California residents new data privacy rights and requires compliance obligations from any for-profit entity that does business with California residents. Enforcement of CCPA regulations went into effect on January 1, 2020.

‍

New privacy rights for California residents include:

‍

• The right to know about the personal information a business collects about them and how it is used and shared

‍

• The right to delete personal information collected from them (with some exceptions)

‍

• The right to opt out of the sale of their personal information

‍

• The right to non-discrimination for exercising their CCPA rights

‍

Public, non-profit entities are exempt from complying with the CCPA. Any business’s contractual provision that would otherwise waive a California resident’s data rights is unenforceable under the CCPA. 

‍

The CCPA protects personal information (PI) that identifies, relates to, or could reasonably be linked with a California resident or their household. Examples of CCPA-protected data include social security numbers, credit card numbers, and internet search history. Publicly available information is not protected under the CCPA.

‍