California Consumer Privacy Act (CCPA) came into force on January 1, 2020, posing new challenges for international companies. We are glad to have helped the international data business with CCPA compliance and registration at California Data Broker Registry.
International businesses should be aware of the following:
CCPA has some standards also included in GDPR (data subject rights, notification requirements about data collection, vendor contracts etc.), however, CCPA’s regulatory burden is considered lower compared to GDPR. Thus, it is safe to say that business compliant with GDPR, should not have significant difficulties adhering to CCPA.
CCPA provides an exception in notifying customers when data is collected not directly from data subjects. To rely on it, business needs to register as data broker in the California data broker registry. GDPR Art. 14 has no similar exceptions, therefore, CCPA regulation is more favorable for data brokers.
CCPA requires business to create a "Do Not Sell My Personal Information" page, where customer is granted with a clear possibility to opt-out of selling their data.
