GDPR and CCPA – Two Approaches to Privacy
This post compares the EU’s General Data Protection Regulation and the California Consumer Protection Act of 2018 (GDPR and CCPA).
It includes much of a Quora answer that I wrote on this topic. Please see How does the California Consumer Privacy Act of 2018 compare to GDPR?
Disclaimer: This comparison, of necessity, is limited to the broadest generalizations. While the California Consumer Privacy Act or 2018 (“CCPA”) is of a respectable length, the EU’s General Data Protection Regulation (“GDPR”) has 99 Articles, most with several Sub-articles – and that’s preceded by 173 lengthy paragraphs of recitals! Consequently, most of what follows is, in reality, subject to significant additional details, qualifications and exceptions that are too numerous to include here.
Now available for download: A four-page GDPR-CCPA comparison table that includes many more details than are in this post.
Quoting from the beginning of the publication’s Executive Summary [emphasis added]: (more…)
Privacy on the Go – California Attorney General Publishes Recommendations
Privacy on the Go was published by California’s Attorney General in January 2013. It offers the AG’s privacy practice recommendations for participants at all levels of the mobile ecosystem.
Privacy on the Go begins with a message from the AG. Part of that message explains why the publication was produced (emphasis added).
The world has gone mobile. Today, 85 percent of American adults own a cell phone and over half of them use their phones to access the Internet. The mobile app marketplace is also booming with more than 1,600 new mobile apps being introduced every day. These apps allow us to do everything from streaming movies to hailing a cab to viewing our own X-ray and ultrasound images.
Personally identifiable information includes, but is not necessarily limited to:
- First and last name
- Physical address, including street name and name of a city or town
- Email address
- Telephone number
- Social security number
- Any other identifier that permits the physical or online contacting of a specific individual
Mobile Apps: Respecting Users’ Rights
From time to time, developers inquire about best practices in marketing their mobile apps and protecting users’ privacy. Last month the Federal Trade Commission expressed its opinion on these issues (Marketing Your Mobile App: Get It Right from the Start).
On the marketing side, the FTC has two guidelines:
- Tell the truth about what your app can do.
- Disclose key information clearly and conspicuously (make sure that users actually notice your disclosures and are able to understand them).