Intro to CCPA vs. GDPR
On May 25, 2018, the General Data Protection Regulation (GDPR), a law regulating how businesses must handle personal data, came into effect. The impact on how online user data had to be handled was massive. Shortly thereafter, on 28 June that year, the California Consumer Privacy Act (CCPA) was passed, going into force on 1 January 2020. On August 14, 2020, the final regulations were approved and it immediately went into effect. To the relief of those companies that were already GDPR compliant, CCPA is, in many ways, a more lenient version of GDPR. However, there are important differences.
GDPR recap
GDPR legislates how companies in the EU must handle personal data. This includes names, email addresses, location data, browser data, etc. This legislation places a responsibility upon companies to be transparent in their handling of personal data and maintain records of how they process that information. The law is meant to ensure that individuals always retain control over their information. Most importantly, consent to use personal information must be explicitly given before being collected and can be revoked whenever it is requested. There is no such thing as implicit consent. For example, browsing or scrolling through a website cannot be considered consent to collect and make use of personal information.
Try VinciWorks’ GDPR training here
Continue reading