What is CPRA?
Last Updated: January 7, 2021
California Privacy Rights and Enforcement Act
The California Privacy Rights and Enforcement Act, or CPRA, was voted into California law by a 56% majority in the General Election on November 3, 2020. You may have also heard the CPRA referred to “CCPA 2.0” as it broadens the California Consumer Privacy Act of 2018 (CCPA) through several new amendments.
Ultimately, the passing of the CPRA into California law establishes a new governing body called the California Privacy Protection Agency (CPPA) which focuses on enforcing privacy regulations within the state. The CPRA also imposes stronger regulations on the use of personal information (PI) by businesses, enhancing the rights of California citizens.
Some key changes the CPRA outlines from the CCPA are:
- Consumers now have the right to limit a new classification of personal information called Sensitive Personal Information, which includes social security numbers, account logins, and more.
- Various consumer data rights have been added such as the right to opt-out of sharing personal information and the right to correct inaccurate personal information, and others have been amended.
- Several key terms have been more defined, such as “sell” vs. “share” and consumers will have the right to opt-out of both, stopping them from receiving targeted ads based on third-party data and online behavior.
There are numerous additional changes the CPRA introduces, all of which will go into effect on January 1, 2023. Organizations will need to understand these new requirements and prepare ahead of time to remain compliant. To learn more about the CPRA and how CookiePro can help you begin preparation, request a demo today!