This website uses cookies. View our cookie policy
Select regional store:

What is the CaCPA?

The CaCPA (California Consumer Privacy Act) is a new California data protection law that will come into effect on January 1, 2020. The CaCPA will:

  • Introduce new consumer privacy rights
  • Increase the accountability of businesses when consumer data is breached
  • Further protect California residents’ data

The CaCPA and the GDPR

CaCPA is widely viewed as California’s version of the EU’s GDPR (General Data Protection Regulation). Just like the GDPR, it gives people more control over their personal data, and holds businesses more accountable for protecting the data they collect and process.

Learn more about the GDPR here >>

Under the CaCPA, what is considered personal information?

The Act defines ‘personal information’ as any “information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device”. This includes:

  • Names, aliases, (email) addresses, unique identifiers, account names, social security numbers, driver’s license numbers, passport numbers, etc.
  • Biometric data 
  • Internet or other electronic network activity information
  • Geolocation data
  • Psychometric information
  • Professional or employment-related information

Who does it apply to?

Any legal entity that “does business in the State of California” (regardless of where they are located), “collects consumers’ personal information”, and meets any of the following criteria:

  • $50 million or more in gross annual revenue 
  • Selling personal data of 100,000 or more consumers or devices a year 
  • Deriving 50% or more of its annual revenue from selling consumers’ data

What are the benefits?

Even though businesses face a compliance burden, the introduction of the CaCPA also brings benefits. The Act promotes more visibility and responsibility when it comes to the personal data of consumers. As such, complying with the CaCPA:

  • Builds customer trust
  • Enhances brand image and reputation
  • Improves data governance
  • Bolsters information security
  • Increases competitive advantage

How IT Governance can help you get CaCPA-ready

IT Governance, the leading global provider of IT governance, risk management, and compliance solutions, is at the forefront of helping businesses address the challenges of CaCPA compliance.

Browse our range of free resources and comprehensive solutions to help you meet your compliance objectives.

Speak to an expert

If you’re looking for help with your CaCPA compliance project, get in touch with our experts. They can advise you on which of our products and services are best suited to your needs.