What is CCPA?

blog cover image
57
7.6K followers
Updated

What is CCPA?

CCPA stands for the California Consumer Online Privacy Act. Also known as California's GDPR.

Its is a Californian privacy law that goes into effect on January 1st 2020 and it enhances the privacy rights of consumers from California in the USA.

The law imposes new requirements on businesses serving consumers from California. One of them must be a notice of collection, with an opt-out link, a do not sell my personal information (DNSMPI)

Best is to use a plugin that detects the location of your visitor and displays a message of GDPR and CCPA accordingly. With all those rules, our starting screens get overcrowded, no?

Thank you for reading, liking, comments and shares

What is your solution?

I am using cookie notice plugin, which has a no option.
But, That is not enough...

PS (added as it goes):

For legal info, look here: https://www.iubenda.com/en/
And here: https://www.cookiepro.com/

For pluginS, look here:
https://wordpress.org/plugins/search/Ccpa/

Do not miss this:
https://www.awin.com/us/news-and-events/gdpr/awin-and-the-ca...


Do not miss Kyle's featured answer, nor the tips given by many members for plugins either!

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core ā€œBusiness Start Upā€ Training

Recent Comments

100

Featured Comment

If you are following GDPR, there is a good chance that you are already following the regulations under CCPA.

This is to help the US be able to enforce privacy regulations and it was easier for them to implement this on a "state" level, instead of trying to deal with political and very much divided nature of the current congress (to get it done at a federal level).

It certainly is not room for panic, these policies are geared towards larger sites that are collecting data and using it for advertising and other monetary gain (think Facebook, Google, etc).

We will have much more to say on this and other privacy related situations as we head into the new year, and we sit down with some of the "in the know" internet & media lawyers across the world (which we do in the first quarter of every year).

Thanks Kyle. I am glad I am moving 6200 miles from California. I hope that is enough to distance me from such BS.

Thank you Kyle
ā¤ļø

It's only enough distance if no one from California ever visits your site. If you get even one visitor - wham, bam, you have nexus.

p.s. Fleeky we found this on Wikipedia. I do not fall into any of the 3 mentioned categories.

The CCPA applies to any business, including any for-profit entity that collects consumers' personal data, which does business in California, and satisfies at least one of the following thresholds:

Has annual gross revenues in excess of $25 million;
Buys or sells the personal information of 50,000 or more consumers or households; or
Earns more than half of its annual revenue from selling consumers' personal information.[10]
Organizations are required to "implement and maintain reasonable security procedures and practices"[11] in protecting consumer data.

https://en.wikipedia.org/wiki/California_Consumer_Privacy_Act

Hasta Pronto, Taetske


Great add Taetske!
You are an awesome ambassador!

Takes off a lot of stress, doesn't it?

ā¤ļø

Yes, it does. Michael even found the complete law and read it. On Wikipedia, it is in a short version.

Hasta Pronto, Taetske

The definition you quote above is only the one that defines a business under the CCPA. There are four other categories which must be considered.

If you collect email addresses, then you are liable. You must have a "Do Not Sell My Personal Information" link on any page inviting anyone to provide their email address, and you must immediately respond and comply with all requests.

If you work with any merchants at all, you also are considered a conduit to their sites, so you need to make sure that those sites are compliant.

While I can't speak for other networks, I can verify that the merchants on http://Awin.com or http://ShareASale.com are CCPA compliant, so it is safe to work with all of ours.

Sorry, but just reading the law is never going to give you the full information.

Once a law is passed, the next step is interpretation. That's where things start getting complicated. Awin has already been working with California officials, reviewing the interpretations which have been released so far. That's why we could provide the blog post we did, and will continue to update as things evolve.

There's so much information involved, so many individual situations, that Wikipedia couldn't possibly do them all unless they have a lawyer who specializes in this area writing the post. (We have several lawyers on staff who only work with things like this.) Wikipedia is okay for general knowledge, but don't risk your business based on what you read on there and try to interpret without guidance.

Good afternoon Jeannine,

Thank you for this information.
I do not make money with my websites. I do not collect data for email lists and I only write posts on things of my interest. That is why I think this does not apply to me, do you think I am wrong?

Greetings from the south of Spain,

Taetske

Thank you Jeannine!

Would this also apply to non business, just benevolent?

No, I do not collect email addresses for a mailing list.
But when somebody leaves a comment there is an email, only visible to me.
The few merchants I use like Amazon and ShareASale are ok as you said.
Thank you for your information.

All the best, Taetske

You must be able to prove that you do absolutely nothing with those emails. Plus you must provide a way for those people to be completely forgotten - where you can remove their email from anything you have. Seeing those emails is enough to subject you to the CCPA. It's possible that your comment processor will have something, but California would say it is your responsibility to ensure that it is available somehow.

Also I said Awin and ShareASale, not Amazon. I have no idea what Amazon is doing to meet compliance requirements.

Based on the discussions I've attended on the subject, being a business or not doesn't matter if you collect any type of personally identifiable information. If you get an email or have a way to identify anyone in any way, then you are subject to CCPA.

Everyone with an email account gets email addresses, how would that qualify for the opt-out?

Frankly, this is only CALIFORNIA law and most of us do not live there so it's completely inapplicable. Plus lawyers are not going to come after small fry bloggers - they are going for the companies with the big bucks.

Doesn't matter if you live in California or not. If someone from California visits your site and interacts so that you have any type of personal information, nexus is established and you are subject to CCPA laws.

This isn't necessarily the lawyers who will come after you. It's the state of California, and they love to make examples of businesses of all sizes to strike fear into the hearts of everyone. The fines start off small, then go up from there. But "small" could easily be big for smaller sites. Best to be compliant.

Not sure about your question, but it's the collection of emails of others that's the issue here. That's personally identifiable information, and that's what the CCPA is out to fiercely protect.

What I was saying is that even as a citizen you collect personal information. No matter how you look at it there isn't any true way to prevent other people to keep your data safe.

I am simply trying to understand how these privacy laws are supposed to work since there isn't a "real" way to deter others from this kind of thing.

So, how does it work if I was a person with a list who didn't have a website and did everything on social media or from looking at other people's lists?

Would it all come from the tax forms or where would it be checked?

Perhaps it WOuld be good to apply the rules not only to merchants but also to affiliates...
āœØ

As networks, both Awin and ShareASale have updated their Publisher Terms & Conditions which publishers must accept to work within the interface.

Can't speak about any of the other networks, but we are indeed applying it to publishers as appropriate as well.

Yes... I noticed.
ā¤ļøšŸ’Ŗ

When it comes to mailing lists, is it not so that programs like aweber and others need to provide that solution? Unless you use your own database?

Thank you for your guidance
āœØ

You must make sure that it is available on your site as well. It can't only be in the email they receive.

Social media happens online - bang, you have nexus under the CCPA.

California will develop a variety of methods to investigate sites as time goes on. Originally they will respond primarily to complaints from people who couldn't be "forgotten" or opt out of a list or some of the other aspects of this law.

Remember, interpretation is the big part, and that has barely begun. Time will be able to answer your questions better than I can right now, because even California doesn't know yet. But you can indeed count on them to be fierce when it comes to this, because as a state they love doing stuff like that.

Thank you!
āœØšŸ„°

Good afternoon Fleeky,

My head is spinning with all these new things, not funny.
This afternoon we will try those 2 different plugins for disabled people. Then we can compare the 2 websites, I will let you know.
I will pass on your post to the technical department here in the house, let's see what he says.

Greetings from the south of Spain,

Taetske

Lol!

Let that not disturb you!
šŸ„°šŸ˜

I was part of the compliance team in a California bank that was implementing procedures to meet this requirement. Banks will have to spend tons of money to comply with this unnecessary law. Companies already have to comply with essentially identical Federal laws GLBA and Regulation P. But California is determined to be an obstacle for businesses.

Anyhow, I use this plugin "Complianz | GDPR Cookie Consent", but to comply with CCPA you need the premium version. I havenā€™t switched to premium yet. I am considering it.

Jose

Thank you JosƩ for your valuable insights...
And for sharing a plugin that does both GDPR and CCPA

See more comments

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core ā€œBusiness Start Upā€ Training