About this guide:
Organizations across the globe are making their way back to the ‘war room’ to analyze the applicability of one of the most comprehensive data privacy laws sweeping the US, the California Consumer Privacy Act of 2018 (“CCPA”) against their business processes. The CCPA, approved on June 28, 2018, was designed to give consumers (i.e. Californians) control over the use, including the sale, of their personal information. This law conceptually has similar characteristics to the European Union’s data protection regulation, including its ability to be enforced on a global scale.
While both privacy acts share a similar intent, the CCPA certainly has its own set of specific characteristics that sets it apart from its European counterpart, and although it appears that many of the general provisions appear to be borrowed from the GDPR and other global privacy practices, organizations will need to carefully evaluate the appropriateness of previously developed policies, procedures, or processes to meet California’s new privacy provisions.
In this article, we look at the new CCPA in comparison to the EU General Data Protection Regulation (GDPR). The aim is to help identify certain similarities and differences between the two regulations to help organizations better strategize their effort in achieving compliance with both.