The California Consumer Privacy Act (CCPA) was enacted to provide California consumers more control over the personal information that businesses collect about them. But what exactly is included in the scope of “personal information?” Under the CCPA, personal information includes basic details like names, addresses, and government information such as driver’s licenses and social security numbers. It also extends to data that consumers aren’t even aware of that businesses collect such as browsing history, biometrics, and even data on a consumer’s interaction with websites and platforms that they’ve visited.
The CCPA is a data privacy law that secures the right for California consumers to protect their personal information, including:
For-profit businesses that conduct operations in California or fit the criteria set by the CCPA are required to comply with the law by being transparent about their data practices and providing consumers channels to opt out of data collection or request access to the data collected from them. If you’re wondering: how to block cookies before consent, follow the link for an answer.
According to the CCPA, personal information refers to “information that identifies, relates to, or could reasonably be linked with” a consumer or their household.
The term is broad in order to encompass all the data that is currently being collected through different tracking practices and other information that businesses may begin to collect in the future, given the ever-evolving digital landscape.
Personal information, then, includes:
The CCPA doesn’t include publicly available information such as that from federal, state, or local government records (e.g. professional licenses, real estate, etc.) in the category of personal information.
One option to manage the information your business collects from site or app visitors to ensure compliance with all applicable laws and regulations is to use a data privacy tool—essentially a piece of software that helps your company avoid all the repercussions of breaking the law, however unintentionally.
The CCPA protects the personal information of California consumers by requiring businesses to incorporate transparency measures so people can control how their data is collected, stored, used, and shared or sold.
Some requirements set by the CCPA include adding a “Do Not Sell My Personal Information” link on their website’s homepage that lets consumers opt-out of the sale of their personal data, obtaining consent from minors or their parents, and providing channels for consumers to request access to their data. Businesses must also update their privacy policies to include details of the CCPA, specifically the rights consumers are afforded by the law.
Most of the changes brought about by the CCPA affect how businesses operate, especially concerning data collection and the use of it, e.g. for marketing, ad targeting, etc. The best way for companies to play it safe—and prevent having to pay steep fines—is to be transparent about their data practices, pinpointing exactly how consumers’ personal information is used for profit. By the way, if you are required to get permission from site visitors to use cookies, it will be necessary to learn how to block cookies before consent is given.
Since the CCPA was enacted to help consumers protect their personal information, it’s important to know what kind of information is covered by this legislation.
The following data is covered by the CCPA: names, addresses, finances, government issued ID (social security number/passport information), purchase history (goods and services), profession, education and so on. Publicly available information such as real estate owned or professional licenses are not protected by the law.
The law requires enterprises doing business with California residents to be very transparent about what information they collect and how they use it. Individuals in this state have the right to prevent any business from selling their personal information collected online to another business.