The California Consumer Privacy Act (CCPA) is a bill intended to enhance privacy rights and consumer protection for residents of California, United States. The effective date of the CCPA is January 1, 2020. It is the first law of its kind in the United States.
The CCPA applies to any business, including any for-profit entity that collects consumers’ personal data, which does business in California, and satisfies at least one of the following thresholds:
- – Has annual gross revenues in excess of $25 million;
- – Buys or sells the personal information of 50,000 or more consumers or households; or
- – Earns more than half of its annual revenue from selling consumers’ personal information.
Organizations are required to “implement and maintain reasonable security procedures and practices” in protecting consumer data.
Starting January 1, 2020, California consumers can request that businesses share: – the categories and specific pieces of personal information that the business collects about them; – the categories of sources of that information; – the purpose for which that information is used; and – the categories of personal information that the business disclosed about the consumer for a business purpose over the previous twelve months. As a result, if you are subject to the law, you should begin to gather documentation on your data management practices, looking back as far as January 1, 2019.
Annual revenue of more than $25 million USD
To check your business’s annual revenue, navigate to the Analytics tab in your admin. Change the date range to the year you are investigating.