Cyber Security Terms

The California Consumer Privacy Act (CCPA)

Edward Kost
Edward Kost
updated Nov 23, 2021

What is the California Consumer Privacy Act (CCPA)?

The California Consumer Privacy Act of 2018 (CCPA) gives Californian consumers greater authority over how their personal data is collected and processed in California.

Under the CCPA, California residents have a right to:

  • Be notified when their personal data is being collected.
  • Be notified when their data is being sold.
  • Block the sale of their personal data.
  • Request the permanent deletion of their personal data.

The CCPA is applicable to for-profit business that meet any of the following thresholds:

  • Gross yearly revenue of $25 million.
  • Process the personal data of at least 50,000 Californian residents or households.
  • Attribute 50%+ of their yearly revenue to the sale of personal data

Key takeaways

  • Check icon
    Organizations that fail to comply with the CCPA could face penalties up to $7,500 per violation.
  • Check icon
    Businesses outside of California must comply with the CCPA is they sell services or collect data from Californian residents.
  • Check icon
    GDPR compliance is expected of any business that collects personal data from European residents, CCPA compliance is only required of businesses that meet the CCPA's three thresholds.
  • Check icon
  • Check icon
Reviewed by
No items found.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.

More from our blog

Learn more about the latest issues in cybersecurity.
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating