OneTrust DataGuidance: Comparing privacy laws: GDPR v. CCPA

The General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) and the California Consumer Privacy Act of 2018 (‘CCPA’) (SB-1121 as amended at the time of this publication) both aim to guarantee strong protection for individuals regarding their personal data and apply to businesses that collect, use, or share consumer data, whether the information was obtained online or offline.

The GDPR, which went into effect on 25 May 2018, is one of the most comprehensive data protection laws in the world to date. Absent a comprehensive federal privacy law in the U.S., the CCPA is considered to be one of the most significant legislative privacy developments in the country. Like the GDPR, the CCPA’s impact is expected to be global, given California’s status as the fifth largest global economy. The CCPA will take effect on 1 January 2020, but certain provisions under the CCPA require organizations to provide consumers with information regarding the preceding 12-month period, and therefore activities to comply with the CCPA may well be necessary sooner than the effective date.

It is also noteworthy that the core legal framework of the CCPA is quite different from the GDPR. A fundamental principle of the GDPR is the requirement to have a “legal basis” for all processing of personal data. That is not the case for the CCPA.

To view the full Whitepaper please fill in the form below

  • This whitepaper is offered free of charge by Data Protection World Forum Ltd (DPWF) in association with Dataguidance. When subscribing, you are asked to furnish certain limited information for registration and analytics purposes. Dataguidance may contact you in connection with the whitepaper. You are also given the option of consenting to receive marketing communications from DPWF and/or Dataguidance. You have the right at any time to withdraw your consent to the use of your personal data for such purposes and to have your data deleted. DPWF and Dataguidance are joint controllers of your data for the purposes of the Data Protection Act 2018 and we refer you to their respective privacy policies below.

    View GDPR:Report's Privacy Notice here

    View Dataguidance Privacy Notice here

  •  

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/