skip to main content
CookiePro Blog October 9, 2019

Privacy Law Comparison: GDPR vs. CCPA

We developed a full white paper that explores the differences between CCPA and GDPR, as well as how businesses can stay compliant.

When the bill for CCPA was passed in June 2018, it was instantly compared with the EU’s GDPR . This was for good reason. Both sets of regulations take a hard stance towards businesses that do not adequately protect consumer data.

They both give individuals significant rights in regards to how their data is used, and they both leave the potential for large fines to be levied at companies that don’t comply. However, the comparisons only stretch so far; there are significant differences between the two regulations. For some businesses, specifically those that only operate in one of the areas affected—either the EU or California—these distinctions may not cause problems.

These companies can focus on complying with the regulation that matters to them. For businesses that operate in both areas, however, complying with two sets of regulations will be a challenge. Especially for small companies that don’t have the budget for expensive legal or compliance departments.

Failure to adhere to the regulations, however, could be just as costly. Agencies, publishers, and other small and medium-sized businesses that operate in both the EU and California need to ensure they have an in-depth understanding of how to adhere to both sets of rules.

GDPR vs CCPA

GDPR VS. CCPA in Numbers

£183.39 Million: The largest fine so far handed out under GDPR. Given to British Airways by the ICO for the airline’s failure to protect customer data.

$7,500: The maximum penalty per intentional violation under CCPA. Non-intentional violations are capped at $2,500.

513.5 million: Number of people residing in the EU at the start of 2019, according to Eurostat.

37 million: Number of people living in California according to the 2010 census. Around 12% of the population of the U.S.

33,089: Number of GDPR complaints submitted to the UK DPA by March 1, 2019. More than any other EU country. But fewer complaints per 100,000 of the population than Ireland.

137: The number of people businesses need to collect data on per day to be subject to CCPA. This could come from the IP address of website visitors.

January 1, 2020: The day CCPA will go into effect. Businesses operating in California will need to ensure they are compliant by this date.

8%: The percentage of U.S. businesses that said they are ready for CCPA as of July 2019 according to PossibleNow.

Download the full guide to learn key differences between CCPA and GDPR regarding cookie compliance, mobile app compliance and consumer & subject requests.

Recent Posts

CookiePro Launches CCPA Do Not Sell WordPress Plugin
CookiePro Launches CCPA Do Not Sell WordPress...
Download the new CookiePro CCPA Do Not Sell WordPress plugin to allow website visitors to opt of the the sale of personal information.
+ View Article
Website Tracking: Why and How Do Websites Track You?
Website Tracking: Why and How Do Websites...
Websites track users to monitor their online behavior. This is often so they can provide a tailored online experience and show targeted ads.
+ View Article
CCPA Amendments Signed into Law
CCPA Amendments Signed into Law
Last Friday, October 11, California Governor Gavin Newsom signed five bills into law under the CCPA. Learn what this means for your...
+ View Article
Online Privacy Improved with SameSite Cookie Attributes
Online Privacy Improved with SameSite Cookie...
The latest big idea to help tame the insecure world of browser cookies is using SameSite cookie attributes. Learn more about the attributes...
+ View Article