Will the CCPA Affect Your Events?
The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. The CCPA puts stricter guidelines than the U.S. has seen previously on the collection and processing of personal information. The CCPA is a bill that enhances privacy rights and consumer protection for residents of California, United States.
“Even though this regulation only applies to residents of California, we believe it will become a new national standard for data privacy throughout the United States.”
David Guse, CPA, Vice President & Data Protection Officer
With 40 million California residents, the CCPA impacts approximately 1 in 8 Americans. However, this law will also reach beyond California’s borders. Even if your company isn’t located in the Golden State, if you have customers or potential customers in California and meet one of the following criteria below, you must conform to CCPA regulations.
- Your annual gross revenue is more than $25 million.
- Your organization receives, shares, or sells personal information of more than 50,000 individuals.
- Your company earns 50% or more of its annual revenue from selling personal information of consumers.
Consumers want to do business with companies that maintain their data privacy and data security. As a global event management company, the safety of our clients and their attendee information is paramount. M&IW is compliant with GDPR and CCPA. We go to great lengths to secure Personally Identifiable Information (PII). The data is encrypted, access restricted and multiple overlapping monitoring systems in place. We also ensure the data collected has received the proper consent.
Intentions of the CCPA
The CCPA will enable individuals to take a more active role in monitoring and protecting their personal information. Although the regulation consists of complex data safeguards, consumer rights can be grouped into five high-level categories.
- Know what personal information is being collected about them
- Access that information
- Know if their personal information is disclosed, and with whom
- Know if their personal information is sold and the right to opt-out of the sale
- Receive equal service and price whether or not they exercise their privacy rights
Comparisons of GDPR vs. CCPA
GDPR Provides 8 Rights to Data Subjects including:
- Transparency
- Access
- Rectification
- Erasure
- Restrict Processing
- Data Portability
- Object to Processing
- Automated Decision Making
CCPA Provides 5 Rights to Consumers:
- Notice
- Access and Portability
- Deletion
- Opt-Out of Sale of Personal Information
- Equivalent
Personal Data & Information Definition
GDPR
Any information that relates to an identifiable data subject; for example, name, IP address, birthday.
CCPA
The CCPA expands the definition of personal data to include information relating to a household. The definition further includes visual, thermal, olfactory, and professional or employment-related information. It also uses broader language for the required connection to an individual – e.g., “reasonably capable of being associated with.”
Additional CCPA Information
Meetings & Incentives Worldwide has prepared a CCPA Overview to help you navigate the requirements of this law. It is a gathering of external resources to better understand the California Consumer Privacy Act (CCPA) and how Meetings & Incentives Worldwide is implementing best practices to ensure compliance. You can best understand the implications of the CCPA on your organization and events by visiting https://www.caprivacy.org or reaching out to your legal department.