Back to the Learning Center

By: Casey Grimes on November 21st, 2018

CCPA: The New Data Privacy Acronym In Town

CCPA is bringing GDPR-like data regulations to the U.S. and with a 2020 deadline, the clock is ticking for marketers. While similar to the GDPR, the CCPA has some key differences marketers should be aware of.

The California Consumer Privacy Act (CCPA), also known as AB 375, is a piece of legislation passed in California in June 2018. Among other things, the legislation gives Californian consumers the right to:

  • Know all data collected by a business

  • Say no to the sale of their information

  • Delete data they’ve given to a business

  • Be informed what categories of data will be collected about them prior to its collection

  • Opt in to allow the sale of their data (if they’re under the age of 16)

  • Know where their data is shared

  • Know where their data was acquired

  • Know why their information is being collected

  • Have the right to take legal action as an individual when data is stolen as a result of a company failing to take reasonable steps to protect it

If this sounds familiar to you as a marketer, it’s no accident. Compared to existing legislation worldwide, the CCPA is most similar to the EU’s General Data Privacy Directive (GDPR) in terms of its goals: providing consumers and businesses insight into how their data is being used by companies. The comparison is an easy one to make: after all, the law originated as a potential California proposition based on GDPR outlines. However, the two differ in some key ways:

  • Each treats collecting personal data and its requirements differently

  • Each handles deadlines and responsibilities both to consumers and companies differently

  • Each handles how individuals and collective associations can bring direct action differently

While some American companies may have taken a “block and tackle” approach to prevent Europeans from entering their data storage, it’s important to know the distinctions between both pieces of legislation if you’re a company focused solely on the American market. Most importantly, you need to be clear about what you need to do to be prepared for the Jan. 1, 2020 deadline ahead.

Want to do a deeper dive on how you and your company may be affected by CCPA? We here at DemandLab specialize in looking at the bigger picture of the customer—going beyond what’s happening in marketing to see how your entire customer ecosystem is impacted by privacy and compliance. We provide strategic recommendations and a custom roadmap to compliance, no matter where you are in terms of your privacy policy today. Contact us for more information.