What the California Consumer Privacy Act of 2018 means for you

**What the California Consumer Privacy Act of 2018 means for you**

The California Consumer Privacy Act of 2018 (CCPA) provides California residents expanded control over personal information that for-profit businesses who do business in California have collected about them. This additional control includes
the right to know about the personal information a business collects about them and how it is used and shared
the right to delete and the right to opt-out of the sale of such information
the right to non-discrimination for exercising CCPA rights

**What the CCPA covers**

Personal information that is covered by the CCPA includes information that identifies or could reasonably be linked with you or your household such as
location data
pictures you have uploaded
fingerprints
driver’s licenses
browsing history
and more
Lists of what information a business stores can be found in the Privacy Policy sections of their websites. An increasing number of websites have a sections that specifically describe their compliance with the CCPA. See for example what information websites Google, Facebook, Twitter, and Netflix collect and store for their purposes. 

**What the CCPA does not cover**

Personal information does not include publicly available information from federal, state, or local government records, such as professional licenses and public real estate or property records. 

**Limitations of the CCPA**

The CCPA only applies to for-profit businesses that
have a gross annual revenue of $25 million
buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices; or
derive 50% or more of their annual revenue from selling California residents’ personal information.
You can only sue businesses under the CCPA if certain conditions are met. The type of personal information that must have been stolen is your first name (or first initial) and last name in combination with any of the following: 
your social security number
your driver’s license number
tax identification number
passport number
military identification number
any other unique identification number issued on a government document commonly used to identify a person's identity
your financial account number, credit card number, or debit card number if combined with any required security code, access code, or password that would allow someone access to your account
your medical or health insurance information
your fingerprint, retina or iris image, or other unique biometric data used to identify a person's identity (but not including photographs unless used or stored for facial recognition purposes)
*****The personal information from the categories listed above must have been stolen in non-encrypted and non-redacted form*****
Additionally, the CCPA only allows you to sue for the amount of monetary damages you actually suffered from the breach or “statutory damages” of up to $750 per incident. For all other violations of the CCPA, only the Attorney General can file an action against businesses. The Attorney General does not represent individual California consumers. You can file a consumer complaint to the Office of the Attorney General.

**Take advantage of the CCPA and regain control of your data**

To exercise your CCPA rights:
visit the Privacy Policy sections of a website of interest that you use and look for a support email address. 
write to the support email address and ask them “per the California Consumer Privacy Act...” to
give you the personal information they have stored of you
delete personal information they have of you 
stop selling your information to third parties and partners. 

Submit a request to us for help with issues you encounter while exercising your CCPA rights, or if you wish for us to act on your behalf to request delete your personal information held by for-profit businesses, opt-out of sale of your information, and/or look into filing suit for breach of privacy of your personal information.
Back to blog