Transacting business online requires filling out forms with your personal information. Personal information is considered private and should be highly sealed since it is considered as your identifier. In our modern world ruled by the internet, cybercrimes such as breach of data and identity theft are rampant. It is important to protect and monitor the personal information we share. The California Consumer Privacy Act of 2018 provides enhanced data protection to California consumers. The CCPA ensures that the data privacy rights of consumers in California are carefully exercised and their personal information is properly secured upon collection by the businesses.
Who is subjected to compliance with CCPA?
The CCPA is applicable for profitable businesses and organizations that process and gather personal information of California residents. Business and organizations should meet at least one of the following criteria:
- A company that has a yearly revenue of $25 million at minimum.
- A company that gathers at least 50,000 personal data of California residents per year.
- A company wherein half of the annual revenue is earned from the sale of information gathered from California residents.
Nonprofit businesses and government organizations are not subjected to compliance with the CCPA.
What are the responsibilities of Profit companies toward California consumers?
- Companies allowing the consumers to know that their data being gathered and what is the specific information that they have collected.
- Consumers have the right to know how their personal information is used, shared, or sold, and the third party where it was disclosed.
- Consumers can prohibit the company to sell their data.
- Companies should accommodate requests if in case the consumer wants to access or wants to delete their personal information.
- If there is a minor under the age of 16 users, consent must be presented before the gathering, using, and sharing their personal information. If the minor is under the age of 13, parent consent must be obtained before using their information.
- Consumers should also be protected from discrimination for exercising their CCPA rights.
What is considered Personal Information?
According to CCPA, Personal Information is defined as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with a particular consumer or household such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
Any data collected that could connect back to the individual is considered as Personal Information as per CCPA.
What happens if I violated the CCPA?
CCPA noncompliance can be sanctioned and penalties can be applied. If a company became a victim of identity theft or data breach due to the failure of the company to secure data an amount between $100 to $750 should be paid per Californian resident affected. If a violation is found and proven to be intentional a fine of $7,500 should be paid for each violation and $2,500 for each unintentional violation.
California consumer’s privacy act is made to protect the consumer from any data breach that could ruin or bring any harm to them. The CCPA allows the companies to use personal data that they have collected from California consumers however the company should ensure that this information is highly protected and will be used for a good cause and will only be used, shared, or will be sold upon the approval of the information owner. Strict compliance is encouraged by business companies that gather private information. As a consumer, you should know your right before giving out your personal information and as a Company asking for personal data, know that your consumer trusted you with their information therefore you should secure it well.