Signup For Specials, Security Alerts, & News!

© 2009-2020 -MS CYRIGO INC. All Rights Reserved| The certification names are the trademarks of their respective owners.   
  Cookie Policy | Privacy PolicyTerms of Use | Refund Policy | Reschedule Policy | Disclaimer

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA), enacted in 2018, creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses. It also requires the Attorney General to solicit broad public participation and adopt regulations to further the CCPA’s purposes. The proposed regulations would establish procedures to facilitate consumers’ new rights under the CCPA and provide guidance to businesses for how to comply.

CCPA Fact Sheet

The California Consumer Privacy Act (CCPA) was enacted in 2018 and takes effect on January 1, 2020. On October 10, 2019, Attorney General Xavier Becerra released draft regulations under the CCPA for public comment.

CCPA New Rights for California consumers:

• The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information;

• The right to delete personal information held by businesses and by extension, a business’s service provider;

• The right to opt-out of sale of personal information. Consumers are able to direct a business that sells personal information to stop selling that information. Children under the age of 16 must provide opt in consent, with a parent or guardian consenting for children under 13.

• The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.


Cost estimates for CCPA compliance

  1. According to estimates in the Standardized Regulatory Impact Assessment for the CCPA regulations, the CCPA will protect over $12 billion worth of personal information that is used for advertising in California each year.

  2. Preliminary estimates suggest a total of $467 million to $16,454 million in costs to comply with the draft regulation, if finalized, during the period 2020-2030

CCPA and GDPR

The California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) are separate legal frameworks with different scopes, definitions, and requirements. A business that complies with GDPR and is subject to CCPA may have additional obligations under CCPA.

  • For example, under GDPR, companies must undertake a data inventory and mapping of data flows in furtherance of creating records to demonstrate compliance. Additional data mapping may be important to reflect the different requirements under CCPA.

  • Under GDPR, companies must develop processes and/or systems to respond to individual requests for access to personal information and for erasure of personal information. These processes and/or systems may be applied to handling CCPA consumer requests, although businesses may need to review and reconcile the different definitions of personal information and applicable rules on verification of consumer requests.

  • Under GDPR, companies must disclose data privacy practices in a privacy policy. CCPA also requires companies to disclose specific business practices in a comprehensive privacy policy. Many California companies that operate commercial websites and online services must post a privacy policy under the California Online Privacy Protection Policy, or CalOPPA, and will need to update this policy for CCPA.

  • Under GDPR, companies must draft and execute written contracts with its service providers (“processors”). Companies may need to review these contracts to reflect requirements under CCPA.


#CCPA #CaliforniaConsumerPrivacyAct

Source: California Consumer Privacy Act (CCPA) FACT SHEET

Source: Background on the CCPA & the Rulemaking Process

Source: Berkeley Economic Advising and Research, LLC, Standardized Regulatory Impact Assessment: California Consumer Privacy Act of 2018 Regulations (August 2019)

Source: Berkeley Economic Advising and Research, LLC, Standardized Regulatory Impact Assessment: California Consumer Privacy Act of 2018 Regulations (August 2019). This number is specifically the cost associated with the regulations and not general compliance costs associated to the underlying CCPA law.

1 view

MS CYRIGO INC

PO BOX 72314
FORT BRAGG, NC 28307

202-780-9794

  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon
  • Instagram

Certifications and Accreditations:


MS CYRIGO Inc. is affiliated with and actively engaged in many professional and industry organizations..  A service-disabled veteran and minority women-owned small business, we have contract vehicles to assist military, government, and private sector cyber security infrastructure needs.