skip to main content
CookiePro Blog October 9, 2019

Privacy Law Comparison: GDPR vs. CCPA

We developed a full white paper that explores the differences between CCPA and GDPR, as well as how businesses can stay compliant.

When the bill for CCPA was passed in June 2018, it was instantly compared with the EU’s GDPR . This was for good reason. Both sets of regulations take a hard stance towards businesses that do not adequately protect consumer data.

They both give individuals significant rights in regards to how their data is used, and they both leave the potential for large fines to be levied at companies that don’t comply. However, the comparisons only stretch so far; there are significant differences between the two regulations. For some businesses, specifically those that only operate in one of the areas affected—either the EU or California—these distinctions may not cause problems.

These companies can focus on complying with the regulation that matters to them. For businesses that operate in both areas, however, complying with two sets of regulations will be a challenge. Especially for small companies that don’t have the budget for expensive legal or compliance departments.

Failure to adhere to the regulations, however, could be just as costly. Agencies, publishers, and other small and medium-sized businesses that operate in both the EU and California need to ensure they have an in-depth understanding of how to adhere to both sets of rules.

GDPR vs CCPA

GDPR VS. CCPA in Numbers

£183.39 Million: The largest fine so far handed out under GDPR. Given to British Airways by the ICO for the airline’s failure to protect customer data.

$7,500: The maximum penalty per intentional violation under CCPA. Non-intentional violations are capped at $2,500.

513.5 million: Number of people residing in the EU at the start of 2019, according to Eurostat.

37 million: Number of people living in California according to the 2010 census. Around 12% of the population of the U.S.

33,089: Number of GDPR complaints submitted to the UK DPA by March 1, 2019. More than any other EU country. But fewer complaints per 100,000 of the population than Ireland.

137: The number of people businesses need to collect data on per day to be subject to CCPA. This could come from the IP address of website visitors.

January 1, 2020: The day CCPA will go into effect. Businesses operating in California will need to ensure they are compliant by this date.

8%: The percentage of U.S. businesses that said they are ready for CCPA as of July 2019 according to PossibleNow.

Download the full guide to learn key differences between CCPA and GDPR regarding cookie compliance, mobile app compliance and consumer & subject requests.

Recent Posts

Countdown to CCPA: Cookies Master Class Series
Countdown to CCPA: Cookies Master Class...
Check out our webinar series to learn how you need to manage cookie consent prior to the CCPA 2020 deadline.
+ View Article
Cookies 2019 Year in Review: ICO
Cookies 2019 Year in Review: ICO
In our weekly Cookies 2019 Year-in-Review blog series, we’re covering headlines that were made from regulations in 2019 about privacy...
+ View Article
CCPA Compliance Checklist: Three-week countdown
CCPA Compliance Checklist: Three-week...
This week in our CCPA Compliance Checklist blog series, we’ll review how to use our product to respond to consumer requests.
+ View Article
CCPA Opt-Out Requirement Solutions
CCPA Opt-Out Requirement Solutions
The CCPA Do Not Sell rule gives consumers the right to opt out of the sale of their personal information. Here's how to make sure you...
+ View Article
popup close button