Official Guide to CCPA
Unpacking California’s Consumer Privacy Act
The California Privacy Rights Act (CPRA) amended the CCPA with enhanced privacy protections for Californians upon passage in 2020.
At the beginning of 2023, the CPRA amendment became effective, and in the March 2023, California’s Office of Administrative Law (OAL) approved the updated regulations put forth by a new governing body, the California Privacy Protection Agency (CPPA).
In this guide, DataGrail unpacks and explains the CCPA’s critical points and provides insights into the new governing body, the CPPA. We’ll dive into best practices for supercharging your privacy program to help your company build consumer trust, reduce business risk, and avoid penalties.
Note: On Friday, June 30, 2023, the Superior Court of California, County of Sacramento, complicated matters by issuing an order delaying enforcement of OAL-approved regulations from March 2023 by one year, moving enforcement to March 2024. This ruling may give the impression that businesses need not comply with CCPA for another year — this is not the case.
CPRA and the original CCPA are fully enforceable. Consumer transparency, privacy requests, do not share/sell, etc., are still enforceable.
The OAL-approved regulations put forth by the CPPA from March 2023 are less about creating new rules and more about clarifying existing obligations.