California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act (CCPA) has come into effect from January 1, 2020. The CCPA is a law that enhances privacy rights and consumer protection for California, US residents.
Although CCPA only applies to California residents, the impact is much broader including most major companies dealing with consumer data related to California customers.
CCPA will give consumers these fundamental rights:
Access
Request a full data disclosure from companies accessing information. This includes but is not limited to biometrics, internet browsing information, purchase history, location data, academic and employment information.
Delete
Consumers can request to have their data deleted.
Opt-out and Do not sell
Consumers have the right to opt-out, so that companies holding their data cannot sell it to the third-party vendors.
Businesses affected by CCPA
Businesses that serve California residents and meet the below thresholds, must:
- Make an annual revenue of over USD 25 million
- Possess personal information of 5,000 or more consumers, households, or devices
- Earn more than half of its annual revenue/ profit from selling of personal data/ information
Penalties for noncompliance with the CCPA
Each individual violation evokes a penalty of USD 2,500 if unintentional, and USD 7,500 if intentional. Organizations have 30 working days to fix alleged violations after they have been notified of their noncompliance.
How LTIMindtree can accelerate your CCPA readiness
Organizations should consider both legal and operational processes to ensure consumer data protection. At LTIMindtree, we not only ensure that you meet GDPR and CCPA mandates, but regularly update our Privacy framework to meet new international privacy laws.
