The new California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, builds upon existing privacy law principles that prohibit unlawful, opaque, and limitless capture and processing of personal data.

Consumers’ rights will be extended to allow requests to businesses to disclose the categories and specific pieces of personal information that the business collects about the consumer, the categories of sources from which that information is collected, the business purposes for collecting or selling the information, and the categories of third parties with which the information is shared.

Get in touch today to stay abreast of the impending regulation.

Get Started Today

Wondering if the CCPA applies to your organization?

If your business operates in California and collects personal information (‘PI’) of California residents, their households, or electronic devices, the CCPA will likely apply to you if your organization meets one of the following criteria:*

Gross revenue


Has an annual gross revenue exceeding $25 million

Consumer PI


Buys, receives, sells, or shares PI of 50,000 consumers, households or devices manually.

Selling consumer's PI


Derives 50% of more of your annual revenues from selling consumers' PI.

*The above criteria for the CCPA may exempt small businesses, not-for-profits, and businesses already subject to existing federal laws with consumer privacy protections, such as health care (HIPAA) or financial institutions (GLBA).


Looking to stay ahead of the regulation?

Speak with a BDO Digital data privacy professional about the CCPA today.

Questions? Get In Touch