Scribd
Upload
29 views2 pages

California Privacy Rights Act (CPRA)

The California Privacy Rights Act (CPRA) enhances consumer privacy by amending the California Consumer Privacy Act (CCPA) with new rights and stronger business accountability, effective January 1, 2023. It introduces Sensitive Personal Information categories, mandates data minimization, and establishes the California Privacy Protection Agency for enforcement. The CPRA sets significant penalties for violations, aligning California's privacy framework closer to GDPR standards.

Uploaded by

Jos van der Linden
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
29 views2 pages

California Privacy Rights Act (CPRA)

The California Privacy Rights Act (CPRA) enhances consumer privacy by amending the California Consumer Privacy Act (CCPA) with new rights and stronger business accountability, effective January 1, 2023. It introduces Sensitive Personal Information categories, mandates data minimization, and establishes the California Privacy Protection Agency for enforcement. The CPRA sets significant penalties for violations, aligning California's privacy framework closer to GDPR standards.

Uploaded by

Jos van der Linden
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

The California Privacy Rights Act (CPRA) is a major privacy law that amends and

expands the California Consumer Privacy Act (CCPA). It was approved by voters in
November 2020 (via Proposition 24) and became fully operative on January 1, 2023, with
enforcement beginning on July 1, 2023.

🔍 Key Features of the CPRA:

1. New and Expanded Consumer Rights

 Right to Correct: Consumers can request correction of inaccurate personal


information.
 Right to Limit Use of Sensitive Personal Information: Consumers can restrict how
businesses use information like race, precise geolocation, health data, and sexual
orientation.
 Expanded Right to Opt-Out: Includes the sale and sharing of personal data,
especially for targeted advertising.

2. Sensitive Personal Information

 CPRA introduces a new category called Sensitive Personal Information (SPI).


 Includes data such as:
o Government ID numbers
o Financial account info
o Health and genetic data
o Precise geolocation
o Racial or ethnic origin
o Religious or philosophical beliefs
o Union membership
o Contents of messages
o Sexual orientation

3. Stronger Accountability for Businesses

 Data minimization and purpose limitation: Businesses must collect only what’s
necessary for the stated purpose.
 Requires annual risk assessments and cybersecurity audits for high-risk data
processing activities.
 Must enter into contracts with service providers, contractors, and third parties to
ensure privacy obligations are upheld.

4. New Enforcement Agency

 Establishes the California Privacy Protection Agency (CPPA) — the first U.S.
agency dedicated solely to enforcing privacy laws.
5. Applicability Thresholds

 Applies to for-profit entities doing business in California that meet any of the
following:
o Gross annual revenue over $25 million
o Buy, sell, or share the personal data of 100,000 or more consumers or
households
o Derive 50% or more of revenue from selling or sharing personal data

⚖️Enforcement & Penalties

 CPPA and California Attorney General have enforcement powers.


 Fines:
o $2,500 per violation
o $7,500 for intentional violations or violations involving children under 16
 No more 30-day cure period for businesses to fix violations before enforcement.

💡 Summary

The CPRA strengthens consumer privacy in California by introducing new rights, increasing
business accountability, and creating an independent enforcement agency. It moves
California closer to the GDPR-style data protection model and sets a national benchmark for
privacy standards in the U.S.

You might also like