The CCPA empowers California residents with enforceable rights over the personal information they generate every day online.<\/p>\n\n\n\n
Take a look at the new CCPA consumer rights here.<\/a><\/p>\n\n\n\n The CCPA forces businesses to comply with certain legal requirements for the collection, use, sharing and selling of personal information, e.g. enabling California residents to opt out of having their data sold to third parties, granting them access to the data already collected, and having it deleted.<\/p>\n\n\n\n Take an in-depth look at the business requirements for CCPA compliance here.<\/a><\/p>\n\n\n\n Cookies are the memory of a website. Or at least that\u2019s what they were invented for back in 1994.<\/p>\n\n\n\n Cookies are small text files<\/strong> placed by a website on an end-user\u2019s browser upon a visit, encapsulated with information about the user, their device and other things that make it possible for a website to recognize the user, when they return.<\/p>\n\n\n\n Today, cookies serve many different purposes, some of which have less to do with recall and more to do with privacy-invasive surveillance practices.<\/p>\n\n\n\n Some cookies are necessary<\/strong> for the core functions of a website. Most often, these types of cookies only store random identifiers that are deleted when users close their browser. No big deal.<\/p>\n\n\n\n But other cookies are for analytical<\/strong> and marketing<\/strong> purposes, placed by third parties that collect information on users through unique IDs that are sometimes stored for up to a hundred years.<\/p>\n\n\n\n These third-party cookies can infringe on user privacy<\/a>.<\/p>\n\n\n\n Personal information collected through these types of cookies is often used for creating profiles on users that are then traded in exchange for digital ad space through real time bidding systems<\/a>, where companies will follow the user cross-site, around the web in order to serve eerily targeted advertisement.<\/p>\n\n\n\n <\/a>Under the European General Data Protection Regulation (GDPR), websites are not allowed to set any cookies apart from those strictly necessary, without the prior consent of end-users.<\/p>\n\n\n\n So, if you have visitors from the EU, you must be GDPR-compliant<\/a> \u2013 regardless of where in the world you and your website is located.<\/p>\n\n\n\n However, the relationship between the CCPA and cookies are different.<\/p>\n\n\n\n Check out how to achieve CCPA website compliance here.<\/a><\/p>\n\n\n\n In the CCPA, cookies and similar tracking technologies are classified as unique identifiers<\/strong> that form part the law\u2019s definition of personal information (1798.140.x<\/a>).<\/p>\n\n\n\n Unique identifiers<\/strong> are types of technologies that are able to recognize a consumer, a family, a household, or a device that is linked to a consumer or family or household, over time and across services.<\/p>\n\n\n\n This means that any for-profit company in the world<\/strong> that has cookies and similar tracking technology implemented on their websites could be liable for CCPA cookie compliance<\/strong>, in particular if they sell or make available to third parties<\/strong> (such as Google or Facebook) the personal information of Californian users.<\/p>\n\n\n\n You might think, well that\u2019s not me and my business. But hold on!<\/p>\n\n\n\n The CCPA\u2019s definition of \u201cpersonal information\u201d, \u201cbusiness\u201d and \u201csale\u201d is very broad and will undoubtedly extent to many more companies than it seems at first sight.<\/p>\n\n\n\n Learn more about the CCPA and personal information<\/a><\/p>\n\n\n\n On August 14, 2020 the final CCPA regulations<\/a> took effect and enforcement by the Attorney General began.<\/p>\n\n\n\n Enforcement precedents are important in order to know for certain how the CCPA\u2019s treatment of cookies and tracking technologies will be interpreted.<\/p>\n\n\n\n Learn more about the final CCPA regulations and enforcement<\/a><\/p>\n\n\n\n California Attorney General on cookies, third-party advertising and consent management<\/a><\/p>\n\n\n\n However, the CCPA definition of personal information is very broad and cookies and third-party trackers can be a real liability for businesses and websites all over the world.<\/p>\n\n\n\n If the information collected on a website through cookies does not in itself constitute personal information<\/strong> under the CCPA (e.g. analytics data about the behavior of users on a website that is initially anonymous), inferences from this data<\/strong> with the purpose of identifying and connecting devices, creating profiles and serving personalized advertisement can be considered personal information<\/strong> under CCPA.<\/p>\n\n\n\n Learn more about the details, definition and scope of personal information under the CCPA.<\/a><\/p>\n\n\n\n If anonymous data can in any way be re-identified, it can be considered personal information<\/strong> under the CCPA.<\/p>\n\n\n\n Other tracking technologies on websites, such as device and browser fingerprinting, web beacons and tracking pixels, are all ways for third party ad tech companies to collect and commodify consumers and their personal information for the purpose of serving behavioral advertisement.<\/p>\n\n\n\n Hypothetically<\/strong> (as analyzed by the California Lawyers Association<\/a>), if your business through its website makes available to third parties (e.g. through cookies and social media plugins) data on Californian residents that is either not anonymized or has the potential to be re-identified, your business might be categorized as a business that is \u201cselling\u201d<\/strong> (i.e. making available, transferring or otherwise communicating, as the CCPA defines sale) personal information of Californian residents.<\/p>\n\n\n\n A business is liable under the CCPA, if it sells the personal information of more than 50.000 Californian residents per year.<\/p>\n\n\n\n This is one of three thresholds for CCPA compliance<\/a>.<\/p>\n\n\n\n If the Attorney General of California enforces the CCPA close to the interpretation by the California Lawyers Association above, simple math will tell you that a business that collects or makes available to third parties (e.g. through cookies, web beacons, pixel tags and so on) the personal information of just 137 California residents per day for a year<\/strong>, that business will meet one of the thresholds for CCPA cookie compliance.<\/p>\n\n\n\n Check out more possible CCPA interpretations by the California Lawyers Association here.<\/a><\/p>\n\n\n\n Try Cookiebot CMP free for 14 days<\/a> and scan your website to know all cookies and similar technologies, both first and third party.<\/p>\n\n\n\n The California Consumer Privacy Act (CCPA<\/a>) is setting the bar for the rest of the US when it comes to data privacy rights. For now, only California residents will enjoy the newfound empowerment and ownership over their personal information, but the rest of the nation is looking west.<\/p>\n\n\n\n As an example of the country-wide impact of the CCPA, Microsoft announced in November 2019 that it will not only comply with CCPA consumer rights in California but will expand them to all US customers<\/a>.<\/p>\n\n\n\n The CCPA\u2019s extraterritorial scope<\/strong> means that if a company in New York or Texas collects the personal information of more than fifty thousand California residents annually, they are obligated to comply with the CCPA.<\/p>\n\n\n\n Collecting the personal information of 50.000 California residents per year may sound like a lot of data \u2013 but considering that the definition of personal information in the CCPA is so expansive that it includes cookies and IP addresses, a lot of companies might find themselves liable for compliance.<\/p>\n\n\n\n It is likely that a lot of companies all over the world will reach this threshold, have their data practices fall under the definition of sale<\/strong> and be obligated to achieve compliance with the CCPA.<\/p>\n\n\n\n That\u2019s because simply having third party cookies and trackers on your company\u2019s website might make you liable for CCPA compliance.<\/p>\n\n\n\n Sign up to Cookiebot CMP to control your website's cookies<\/a><\/p>\n\n\n\n Cookiebot CMP<\/a> is the world\u2019s leading consent manage platform enabling compliance with the California Consumer Privacy Act (CCPA)<\/a>, the EU\u2019s General Data Protection Regulation (GDPR)<\/a> as well as other data privacy laws around the world.<\/p>\n\n\n\n The Cookiebot CMP<\/a> technology is built for the specific purpose of uncovering all cookies and similar trackers on websites, so the end-users can be empowered with a real choice of consent, as required by the GDPR.<\/p>\n\n\n\n Cookiebot CMP<\/a> is bringing its area of expertise \u2013 automated deep website scans and end-user consent management - to California, so that businesses can be sure to know exactly how their online domains collect personal information from their consumers, what third parties are present on their website, as well as enabling end-users to exercise their right to opt out of having their data sold to third parties.<\/p>\n\n\n\n Cookiebot CMP<\/a> is a software-as-a-service product that is highly customizable to the needs of every business. Simply sign up and integrate Cookiebot CMP on your website with a few strings of JavaScript.<\/p>\n\n\n\n Using Cookiebot CMP<\/a>, websites can obtain CCPA compliance with the required Do Not Sell My Personal Information link.<\/p>\n\n\n\n The Cookiebot CMP<\/a> geolocation configuration makes it easy for companies to comply with both the CCPA and the EU\u2019s GDPR depending on where in the world their end-users are located.<\/p>\n\n\n\n See all Cookiebot CMP features<\/a><\/p>\n\n\n\n See all Cookiebot CMP plans and pricing models<\/a><\/p>\n\n\n\nWhat are cookies?<\/h3>\n\n\n\n
![\"Palm](\"\/media\/3778\/roberto-nickson-y1p34mzie-c-unsplash.jpg?width=460&\")
CCPA, cookies and personal information<\/h2>\n\n\n\n
CCPA enforcement has begun<\/h3>\n\n\n\n
CCPA cookies example<\/h3>\n\n\n\n
![\"Road](\"\/media\/3777\/nicolas-moscarda-64wmtdsbcyu-unsplash.jpg?width=473&\")
Cookiebot CMP, CCPA and cookies<\/h2>\n\n\n\n
Cookiebot CMP and CCPA cookies<\/h3>\n\n\n\n
![\"Orange](\"\/media\/3780\/niklas-schweinzer-rwgerwomu4e-unsplash.jpg?width=451&\")