What is the CCPA, and what does it say about Website Cookies?
The California Consumer Privacy Act (CCPA) from 1 January 2020 is privacy legislation for the state of California. In many ways, it can be compared with the European General Data Protection Regulation (GDPR). But do you know how the CCPA and cookies on your website impact each other?
The CCPA, in Brief
Right now, it is only California residents who benefit from the CCPA, but the rest of the US is looking towards California when it comes to data privacy rights.
In brief, the CCPA applies to all for-profit businesses that meet at least one of the following points:
- Annual revenue over $25 million
- Process personal information of a minimum of 50.000 Californians annually
- Derive 50 percent or more of their annual revenues from the sale of personal information
It is also important to be aware of the fact that if a company from any place in the world collects the personal information of more than 50.000 Californians per year, they are obligated to comply with the CCPA.
Even though it might sound like a lot of data to collect personal information from 50.000 Californian residents annually, the truth is that many businesses from all over the world often do this when they use third-party website cookies and trackers on their website.
How to Comply with the CCPA?
There are, of course, more to it, but very simplified, businesses that meet at least one of the above points must comply with the CCPA by following these guidelines:
- Make sure your Californian users have the opportunity to opt out of third-party data sales.
- Remember to inform your users about which information is collected about them and for what purpose.
- Make sure your Californian users can get access to their personal data collected by you within the last 12 months (if they ask for it).
- Be aware of the special rules when addressing minors under the age of 13 and 16.
- Consider implementing a consent management platform (CMP) on your website to comply with the CCPA.
Remember: You, as a business owner and owner of a website, are responsible for complying with the CCPA.
What Does the CCPA Say About Website Cookies?
Website cookies are valuable for businesses because they gather information about the behavior and preferences of their website users.
CCPA defines cookies as personal data. Thus, website cookies are governed by the CCPA. It is especially the third-party cookies that you need to be aware of.
For example, social media platforms collect many personal, often sensitive, information about consumers, and they can be stored for hundreds of years.
Therefore, it is important to know which cookies your website collects, how it collects it, for what purpose, and which third parties you share the data with.