Skip to main content

California Consumer Privacy Act Explained

Consumers’ personal information is getting exploited more often than ever! One of the most recent examples of this is the Facebook scandal where information of around 540 million user accounts was compromised. The breach of personal information is not limited to any particular industry. It is happening across all sectors and all parts of the world. 

Since 2018, Omnibasis empowered companies to comply with the GDPR laws passed in Europe. While the United States congress is debating on what to do, California is taking the lead in protecting consumer data from getting exploited and to make consumers feel more secure about their personal information collected by businesses. For that purposes new law has been introduced in California, United States and it is known as the California Consumer Privacy Act. The purpose of this new law is to make all businesses accountable for their handling of your personal data and to ensure they take the appropriate steps to monitor and protect the personal data of their customers. 

What is the California Consumer Privacy Act?

Due to recent data breaches, consumer privacy and protection is being taken more seriously than ever before. The California Consumer Privacy Act or CCPA will go in effect on January 1st, 2020 and the entire focus of this bill is to enhance consumers’ right to privacy and protection of their data and may set the example for the rest of Unites States and congress.

It is considered to be one of the most detailed and far reaching law that is soon going to be implemented by a US state when it comes to consumer privacy. With many tech giants being based in California and several recent data privacy and data breach scandals, California is taking the necessary steps to create a comprehensive framework on the requirements for business regarding protecting the consumers both when it comes to privacy concerns as well enabling consumers to also benefit from their own information.

What are the major provisions?

The New Law  gives “consumers”, defined as natural persons who are California residents, four basic rights in relation to their personal information:
  1. The right to know, through a general privacy policy and with more specifics available upon request, what personal information a business has collected about them, where it was sourced from, what it is being used for, whether it is being disclosed or sold, and to whom it is being disclosed or sold;
  2. The right to “opt out” of allowing a business to sell their personal information to third parties (or, for consumers who are under 16 years old, the right not to have their personal information sold absent their, or their parent’s, opt-in);
  3. The right to have a business delete their personal information, with some exceptions; and
  4. The right to receive equal service and pricing from a business, even if they exercise their privacy rights under the Law.

Defining “Personal Information” in CCPA

The term personal information is used quite loosely in the California Consumer Privacy Act. According to AB 375, the term “Personal Information” can be represented by a number of different characteristics as well as behavior, both commercial and personal. Moreover, the legislation has hundreds of items mentioned that do not fall under the category of personal information. 

Here are a few of the important ones that do fall into the personal data category:
·         Biometric data
·         Household purchase data
·         Family information
·         Geolocation
·         Financial information
·         Occupation & business data

Lets explore some of the drivers behind the data privacy protections:

1. Types of personal data - It allows a consumer to understand about the type of personal data that will be collected by a company.

2. Selling of data - Make consumers aware of whether their personal information will be sold and disclosed by the business.

3. Right to privacy - If the consumer does not agree to disclose or sell their personal information to any other individual, then this law gives them the right to do so.

4. Access to information - Many businesses do not allow consumers to access their information once registered. With the implementation of the California Consumer Privacy Act, easy access will have to be granted.

5. Deletion of data - Even if a consumer wants to delete their personal information or requires the business to do the same, the organization is obligated to process the request as per the CCPA rules.

6. Discrimination - Discriminating against consumers who are exercising their right to privacy is prohibited under the California Consumer Privacy Act.

How does the California Consumer Privacy Act help consumers?

Consumers get more transparency on their personal information

The first thing that the California Consumer Privacy Act does for the general public is that it gives them a better hold as well as ways to see and manage all collected personal information that is getting collected on them. Whenever a consumer decides they want to know about the collection method or the type of personal information collected by any business, they can see and access it all. Should they want to change their mind, they can now also make specific requests regarding the deletion of personal information as well.

 Consumers get full transparency on how personal data is used

With the full disclosure policy the business that collects any type of information needs to disclose it clearly on their website or application that personal information is required to use the service and that such information will be collected about the consumer and whether or not that information and or will be shared with any other third party. 

How to comply with The California Consumer Privacy Act

Starting on January 1, 2020 businesses will be required to comply with any all provisions of the law.

Organized collection: The collection method used by a business should be organized and well defined. The company should be ready to disclose the collection method to the consumers as well.

Transparent policies: Policies regarding data collection, privacy, and monitoring should be clearly mentioned on their online platform. The structure of the clauses must also be easy to understand and fair to all.

Specific provisions: The CCPA contains certain provisions that e.g. business must include a link on their website under “Do not sell my personal information” tag, as well as other provisions the concern the education requirements regarding anyone handling consumers' private data and their knowledge of the regulations. 

Does the act affect businesses outside California?

Even though the CCPA is implemented in the state of California, it can still be mandatory for businesses outside this geographical location. If your business has customers in the Golden State, then you are still on the hook to comply with the law.

However, there are certain other criteria as well that you must met like:
·         Annual gross revenue of more than $25 million;
·         Receiving, sharing, and selling personal data of more than 50,000 users;
·         At least minimum 50% of the company revenue must be earned by the selling of personal data

The California Consumer Privacy Act might seem like a complicated ordeal and it is. It will certainly change the way data collection and privacy work in various industries. Furthermore, there are likely to be more amendments that change the current requirements and provisions while adding to the regulation.

Omnibasis is here to help to get in compliance and stay in compliance with CCPA

Business small and large, turn to Omnibasis to create and manage consumer agreements, consents and keep a record of your businesses personal data processing activities powered by Blockchain technology. You can get in compliance today with data privacy solution from Omnibasis.

About Omnibasis

Omnibasis is a business management solution to run your sales, marketing, commerce, and operations powered by Blockchain technology. Visit to meet the operating system for your business.


  1. Thanks for all the details on what we need to know.


Post a Comment

Popular posts from this blog

The Ultimate Guide to Creating Your Own Non-Fungible Token (NFT) without Writing a Line of Code

The advancement of the Blockchain technology creates new opportunities for new and existing businesses. One of the new use cases of Blockchain technology was to create a non-fungible token (NFT). Do you have this great new business idea or getting ready to launch a startup, and you want to embrace the new world and create your own NFT? Do you have an existing business and want to know how to capitalize on a NFT without writing a single line of code? We will guide you along the journey and help you in all aspects of NFT creation and distribution. You will learn how NFTs are working and show you how to easy it is to use our solution to create your own NFT and determine whether your business needs it. Let’s dive into everything you need to know to build a successful NFT. What is a NFT? A non-fungible token (NFT) is a unit of data on a digital ledger called a blockchain, where each NFT can represent a unique digital item, and thus they are not interchangeable. NFTs can represent

The Ultimate Guide to Digital ID with Mobile Wallet

In this guide you learn everything you need to know about Digital ID wallet and proving your identity with a greater privacy and all your ID credentials at hand on your mobile device. Make A Case for Digital ID How many identity cards do you have in your wallet? Go ahead, open your wallet and count. I counted at least 5: driver license, car insurance, health insurance, dentist insurance, and eye & vision insurance. All these traditional documents have served us well but in a changing world with all of us carrying around a mobile device, our phones can take over the function of those documents. Identity documents like insurance card, national ID cards, driver license all prime target to be wallet items to digitized into the mobile phone. Digital IDs have the power to transform business processes dramatically with new trust, privacy-protection, and security like never before. Products like Omnibasis Digital ID based on omniPass allows customers to benefit from a secure and trus

Digital Proof of Insurance with Mobile Wallet

Digital Proof of Insurance (DPI) refers to an electronic version of an insurance card or policy that can be displayed on a mobile device or computer. DPI is a convenient alternative to traditional paper insurance cards that are often easily misplaced or damaged. Insurance companies around the world are turning to Omnibasis and omniPass solution to offer the option of a digital proof of insurance, allowing policyholders to access their insurance information through a mobile app or online portal hosted by Omnibasis with a branded white label site. For car insurance, most states in United States also allow drivers to show their DPI during a traffic stop, rather than requiring a physical insurance card. Mobile Wallet Introduction Users do not want to download yet another app on their mobile device and prefer to use a mobile wallet. A mobile wallet is a digital platform that allows users to store payment information, loyalty cards, and other types of digital content in a single, c