The groundbreaking California Consumer Privacy Act has been nicknamed California’s GDPR, referring to the European Union’s comprehensive data protection law that took effect in May 2018, just one month before the CCPA was passed. The CCPA, which comes into effect in January 2020, creates sweeping new rights for Californians and onerous transparency and other obligations for businesses handling their information.
While the law is a game changer for the US, “California’s GDPR” may be a bit of a misnomer. The two laws share some key components, yet present crucial differences. Businesses that have undertaken GDPR compliance will have an advantage in addressing CCPA, but those efforts alone won’t suffice.