A Consumer’s Guide to the California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) is a new privacy law aimed at protecting California consumers by establishing new privacy rights. The CCPA, also known as AB 375, was put into effect on January 1, 2020. In a press release describing the regulations, California Attorney General Xavier Becerra was quoted saying, “We take a historic step forward today to protect Californians’ inalienable right to privacy. Once again, California leads the way putting people first in the Age of the Internet.” These new regulations are meant to improve the privacy awareness of consumers who might not know how, when and why their data is being used.
Every survey you take, every click you make, are they watching you?
While you are surfing the web you leave digital traces that companies can use to learn about your location, gender, age, income, interests, opinions, browsing/purchasing tendencies, advertisement preferences, and more. Data collection is a common practice by companies. Catching up with the realities of the internet age has taken some time. With the new privacy law enacted in California, the sun has begun to set on the unregulated, Wild West days of data collection. With the new law, both consumers and businesses can benefit from the increased privacy awareness.
What are my privacy rights as a consumer?
According to the CCPA Fact Sheet published by California’s Attorney General, the new law has given consumers 4 fundamental privacy rights: the right to know, the right to delete, the right to opt-out and the right to non-discrimination:
- “The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information;
- “The right to delete personal information held by businesses and by extension, a business’s service provider;”
- “The right to opt-out of sale of personal information;”
- “The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.”
Now that the California Consumer Privacy Act has been put into effect, understanding these rights can help people to successfully exercise them. Here are the answers to some frequently asked questions about the California Consumer Privacy Act:
California Consumer Privacy Act FAQs
When do businesses let you know they have collected your data?
Businesses have to let you know what will be collected either at the moment they collect data from you, or before they begin to collect.
How is data “collection” defined?
Collection has a wide definition in order to encompass the diverse ways in which companies can collect data including active means (like buying or renting) and passive means (such as receiving). Basically, collection refers to any means by which a company can get access to your data.
What is “personal information”?
In a nutshell, personal information is any information that can be linked with a consumer or a household. Essentially this means information that could identify consumers. However, this doesn’t pertain to information that is available in the public domain (e.g. made public from government records). Here are some examples of personal information under CCPA:
- Postal address
- Email address
- Passport/Driver’s license number
- Purchase history
- Browsing/search history
Why isn’t some data protected under the “right to delete”?
In some cases, businesses are not required to delete personal information. For example, a business does not have to delete data if it is necessary for completing a transaction, detecting and protecting against security incidents, or exercising the right to free speech.
What is meant by “opt-out”?
This means that consumers can tell businesses not to sell their data to third-parties.
What is protected under the “right to non-discrimination”?
Essentially, this keeps businesses from using tactics to try to keep consumers from exercising their privacy rights. This includes:
- refusing to offer the same goods and services,
- providing goods and services of lower quality,
- giving a different price,
- Or suggesting that any of these three scenarios might take place.
When will the California Consumer Privacy Act be enforced?
Summer 2020 – the Attorney General of California will begin the enforcement of the California Consumer Privacy Act on July 1, 2020. During this time, businesses may have to make changes in light of the new act to ensure they are CCPA compliant.
How is the CCPA different from GDPR?
Some people may wonder how the CCPA compares to the privacy laws in Europe. The General Data Protection Regulation (GDPR) is meant to regulate and protect data in the European Union. According to article Complete Guide to Privacy Laws in the US, a key difference between the CCPA and GDPR is the right to opt out versus the right to consent to data collection. Under the CCPA, consumers are informed that their data is collected and can choose to opt-out. In contrast, under GDPR, consumers have to explicitly consent to the collection of their data, rather than opting out after the fact.
Why is privacy awareness important?
Privacy is an unalienable right according to the California Attorney General. Consumers may be unaware of the ways in which businesses can capture and use their data. Consequently, businesses may face negative feelings from consumers who might feel their data has been taken without their consent. Increasing data transparency should benefit both consumers and businesses alike. Consumers can browse the internet protected and businesses can benefit from the increased trust from consumers. While California is leading the way, other states may follow suit. Increasing privacy awareness is more relevant than ever for consumers and companies alike.
Want to learn more? Check out the California Consumer Privacy act here.
In the spirit of transparency, we’d like to add our #Shameless plug: in addition to creating premium privacy gadgets, Spy-Fy is focused on raising issues related to privacy awareness. Check out our cool gadgets designed to help you protect your privacy!