An introduction to Data Privacy and Regulation

Data privacy can be referred to as the practice of handling data that is sensitive while keeping it in line with regulatory requirements. Every country has specific data privacy laws that regulate how companies collect, store and share customer data. Today, data privacy has become the topmost priority for organizations and is the fuel for growth in almost every sector of business.

In an ever-new digital world, data is the fuel for growth – however, it is here where data privacy becomes the most obvious elephant in the room. Privacy is not given priority and takes a back seat to efficiency, speed, and revenue potential. With regulations, companies are required to comply with data privacy norms.

The two most known data privacy regulations are GDPR and CCPA. The GDPR, also known as the Regulation (EU) 2016/679 in official contexts – was specifically spearheaded by three legislative institutions – The European Parliament, the European Commission, and the Council of the European Union. The aim of the GDPR is to return control to users while simplifying the regulatory environment for international business. On the other hand, in simple terms, the California Consumer Privacy Act (CCPA) aims to provide Californian citizens and residents with more information about how companies collect their personal data. 

The CCPA empowers users to know and understand the type of information being collected by businesses and the right to agree or disagree with the sale of their personal data.

  • Right to know all data collected by a business on you
  • Right to say NO to the sale of your information
  • Right to DELETE your data
  • Right to be informed of what categories of data will be collected about you prior to its collection, and to be informed of any changes to this collection.
  • Mandated opt-in before sale of children’s information (under the age of 16)
  • Right to know the categories of third parties with whom your data is shared
  • Right to know the categories of sources of information from whom your data was acquired
  • Right to know the business or commercial purpose of collecting your information
  • Enforcement by the Attorney General of the State of California
  • Private right of action when companies breach your data

Core differences between GDPR & CCPA 

The overall aim of the GDPR and CCPA are quite similar. Let’s have a look at some of their similarities and differences…