What is the CCPA?

The CCPA gives consumers more control over the personal information that businesses collect about them. As a result, businesses of any kind, including brokers, are required to give consumers certain notices explaining their privacy practices. This landmark law secures new privacy rights for California consumers, including :

- The right to know about the personal information a business collects about them
- The right to know how information collected is used and shared
- The right to delete personal information collected from them (with some exceptions)
- The right to opt-out of sale of their personal information

Does the CCPA apply

outside of California?

The CCPA is the most significant US privacy law to date and you dont even need to have operations or employees in California for it to affect you. CCPA will apply if your organisation is owned by, or even shares common branding with a Californian business. It applies to all for-profit companies that collect, share, or sell California consumers personal Data and meet one of the following criteria:

- $25M in annual revenue
- Processes Data on >50,000 consumers, households or devices
- Generates 50% of revenues from selling personal Data

What you need to know

about CCPA compliance

A Private Right of Action exists
Businesses should be aware that consumers can exercise a Private Right of Action (PRA) if certain types of personal Data is leaked. Consumers have the right to claim damages up to $750 per person for distress alone, and damages are uncapped for more material harm.

Requests for deletion are accepted
Consumers are in control and are able to request for their Data to be deleted. This may sound logical but in reality, it can be difficult for organisations to comply with these requests. Unfortunately, under the CCPA, failure to comply can result in fines.

Don’t delete, de-identify
To fulfill requests for deletion while maintaining the value of Data, the regulator has confirmed that it’s possible to take Data out of the scope of CCPA by de-identifying Data. That means, you can still retain behavioural and historical Data for future analysis.
wave wave wave

Experience the SecureAge difference

Are your existing Data privacy solutions CCPA compliant, secure, and user friendly?

We use cookies to improve your experience, for analytics and marketing. By continuing to browse our website, we assume you’re ok with this. To find out more about our use of cookies, please see our Cookie Policy.