The California Consumer Privacy Act could have more repercussions on U.S. companies than the European Union’s General Data Protection Regulation (GDPR) that went into effect in 2018. The California law doesn’t have some of GDPR’s most onerous requirements, such as the narrow 72-hour window in which a company must report a breach. In other respects, however, it goes even farther.
The California Consumer Privacy Act (CCPA) takes a broader view than the GDPR of what constitutes private data. The challenge for security, then, is to locate and secure that private data.
CSO, which serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks, shares an excellent guide on what CCPA means to you.