Skip to Content

California passed the California Consumer Privacy Act (CCPA) in early 2018, a landmark policy with some of the most stringent data-protection provisions in the country. Inspired by the European Union’s General Data Protection Regulation (GDPR), the CCPA is designed to give consumers control of their data.

California may be only one state, but because of its size, population, and vibrant technology industry, the CCPA will have consequences far beyond its borders. With nearly 40 million residents, most companies in the US have interactions with California residents and will need to comply with this new legislation.

Under CCPA, the state will impose fines of $2,500 per incident for unintentional breaches and $7,500 per incident for intentional violations. It also allows consumers to recover up to $750 per incident, or more if the consumer can show actual damages that exceed $750. The amounts might seem modest, but CPPA penalties have the potential to be substantial, especially if the CCPA decides on a per-consumer per-incident model.

How does CCPA differ from GDPR?

Thank You! We have received your form submission.

We are sorry, the form submission failed. Please try again.