California Consumer Privacy Act (CCPA)
Offered By: Cybrary
Course Description
Overview
Welcome to Cybrary’s in-depth review of the California Consumer Privacy Act!
You will begin by learning about the legislative history of the CCPA, and how its passage represented a stark departure from the decades’ old USA privacy regime. Thereafter, you will explore the specific privacy components that make up the law, including new consumer rights, additional protections for children, and its enforcement mechanisms.
Once you are exposed to the legal components that make up the law, the course will pivot to a series of “privacy in action” modules designed to teach you how to operationalize a CCPA compliance program at your organization. This will include items such as drafting a CCPA compliant privacy policy, building a consumer request channel, honoring opt-out requests, and deploying Cookies/AdTech that take into account CCPA requirements.
Once these items are covered, the course will address the key differences between the CCPA and other privacy frameworks you will likely be exposed to at your organization, including the European Union’s General Data Protection Regulation (GDPR). The course concluded by exploring the future of the CCPA, and evaluates the major updates that are expected in California Privacy Rights Act (CPRA), better known as CCPA 2.0.
Target Audience
This course is intended for a broad audience. Learners who currently work in a CISO, IT or other similar function where they share responsibility for ensuring that data is held safe and secure at their organization will benefit from this course. Company privacy practices are a cross-functional effort across many organizations, so learners who currently occupy a legal, compliance, risk, internal audit, or official privacy office role will benefit as well.
Prerequisites
Although the CCPA is a law, learners do not need any legal background to fully benefit from the course materials. However, learners will benefit from having a basic level understanding of how governments work, including the differences between local, state, national, and international governments. Learners will also benefit from having a basic understanding of how technology is leverage in the modern working environment. Concepts such as cloud vs on-premise data hosting, access controls, user authentication, and SaaS solutions will be explored.
Supplementary Materials
Learners do not need any supplementary materials in order to successfully complete the course. However, it is strongly recommended that learners keep a copy of the CCPA text handy when completing the video modules. Printed copies of the CCPA are available online at most e-retailers, including Amazon and Barnes & Noble.
Course Goals
By the end of this course, learners should be able to: Understand the historical context and public policy objectives that made the CCPA a reality.
- Understand the privacy obligations that are established by the CCPA and how they apply to businesses.
- Be capable of offering concrete advice at their place of work on how to implement practical solutions to ensure CCPA compliance.
- Be able to differentiate the privacy obligations established by the CCPA from its foreign counterparts, and how the current version of the CCPA fits in to rapidly evolving privacy landscape.
In this course, learners will learn the key concepts and requirements of the California Consumer Privacy Act (CCPA) and how they can take that knowledge back to their organizations to ensure compliance with the law.
What is the California Consumer Privacy Act?
The California Consumer Privacy Act (CCPA) is a state statute that was created to ensure the consumer protection and privacy rights of California residents. The statute provides consumers with more control over what personal information businesses collect and how they use it. This new law (passed in 2018) ensures rights for residents of California that include:
- The right to identify personal information that businesses collect about them, how it is used, and how it is shared with other entities
- The right to opt-out of their personal information being sold to other entities
- The right to have their personal information deleted (there are some exceptions)
- The right to not experience discrimination if they exercise their CCPA rights
Businesses are mandated to provide consumers with notices that explain privacy practices related to the CCPA. They must also know how to direct consumers to exercise the rights listed above.
Is the CCPA the Same as GDPR?
The CCPA is frequently compared to the European Union’s General Data Protection Regulation (GDPR) of 2016 because the two laws have similarities. They both allow consumers to access and delete personal data that is collected by businesses, require transparency about how the information is used, and require contracts between organizations and service providers.
While the CCPA and GDPR are alike in ways, and organizations that have properly implemented policies to comply with the GDPR will have somewhat of an advantage in CCPA compliance, those efforts alone aren’t enough. The CCPA and GDPR differ enough that individuals who are responsible for compliance with the CCPA within their organization will need proper training to understand the full scope of the requirements.
What Does the CCPA Training Course Cover?
The CCPA course covers various aspects of the law, beginning with its legislative history and how it differs from previous privacy programs. From there, the course covers privacy aspects that are specific to the CCPA, new consumer rights, additional protections for minors, and its compliance requirements. Once the fundamentals are covered, students will learn how to take the information back to their organizations and apply it with a CCPA compliance program, including components like:
- Designing a CCPA compliance policy
- Creating consumer request procedures
- Fulfilling consumer opt-out requests
- Implementing online marketing (cookies, etc.) that comply with CCPA requirements
The CCPA course is designed for students who work for a business in a role that involves shared responsibility for the collection, storage, and security of consumers’ personal information. This may include employees who handle consumer inquiries, work in risk, compliance, audit, legal, or privacy roles. There are no prerequisites for this course, but it is helpful for students to have a basic knowledge of how governments work and how technology is used in modern business environments. Upon completing the CCPA training course, students will earn 4 CEU/CPE and a Certificate of Completion.
To Whom Does the California Consumer Privacy Act Apply?
Compliance with the California Consumer Privacy Act is required for any for-profit companies that do business in California and who:
- Buy, receive, or sell personal data of 50,000 or more residents, households, or devices within the state of California
- Have over $25 million in yearly gross revenue
- Generate more than half of their yearly revenue by selling California residents’ personal information
How to Become Maintain a Business's CCPA Compliance
Remaining compliant with the CCPA is important for businesses that collect personal information from California residents because there are some stiff penalties for the failure to do so. To avoid these penalties, businesses must:
- Give notice to consumers before or at the time they collect personal information
- Provide consumers with the option to opt-out, to view, and to delete their personal data from the business’ records
- Display consumers’ privacy settings that indicate they have chosen to opt-out
- Verify consumers’ identity when they request to read and/or delete their information
- Keep records of requests for access and the business’ response for a minimum of two years
- Disclose any monetary incentives that the business receives for retaining or selling consumers’ personal information
- Respond to any consumer requests within a specific timeframe
How to Learn More about CCPA Training
Any privacy professionals who are responsible for compliance with the CCPA for their organization or who just wants to learn more about the statute will find the Cybrary CCPA training course beneficial. This online training course covers all the information needed to help their organization implement solutions that ensure compliance.
At Cybrary, all courses are self-paced, allowing students to conveniently work around their busy schedules. Courses can be accessed anytime and anywhere with internet service. To enroll in the CCPA training course, simply click the Register button at the top of the screen.
Syllabus
- History of the CCPA
- What is "Privacy"?
- Do Americans Have a Natural Right to Privacy?
- The Sectoral Approach – HIPAA, GLBA, COPPA
- Privacy Trends Before the CCPA
- The California 2018 Ballot Initiative
- Scope of the CCPA
- Businesses That Are Subject to the CCPA
- Geographic Scope of the CCPA – Beyond California
- What is “Personal Information”?
- Consumer Rights
- What is a Consumer Right?
- Consumer Rights Established by the CCPA
- Right to Access Personal Information
- Right to Delete Personal Information
- Right to Opt-Out of Sale
- Notice & Transparency
- Privacy Policy Concepts
- Specific CCPA Requirements - Privacy Policy
- Need to Inform
- Deceptive Trade Practices – What are They?
- Children & Privacy
- Why the CCPA Treats Children Differently
- CCPA Rule Deviations for Children
- Verifiable Parental Consents – CCPA Collides with COPPA
- AdTech & Cookies
- Intersection of Cookies & Privacy
- Cookie Banners & Privacy Policy
- Standing Down Cookies
- Enforcement
- Data Protection Authorities
- California Attorney General Enforcement
- CCPA in Action
- Who Should be Responsible for CCPA Compliance?
- Internal Privacy Program
- Consumer Request Channel
- High Volume Consumer Request Channel
- Do Not Sell Link
- Leveraging Global Privacy Efforts
- CCPA vs GDPR – Consumer Requests
- CCPA vs GDPR – Legal Basis for Processing
- CCPA vs GDPR – Miscellaneous
- Where Do We Go From Here?
- Upcoming CCPA Amendments
- CCPA 2.0 – “California Privacy Rights Act”
Taught by
Jason Sarfati and Jacob Pelzman
Related Courses
Economía Digital – Aspectos RegulatoriosThe Pontificia Universidad Javeriana via edX Conecta de forma efectiva con los clientes de retail
UBits via Coursera Introdução às relações de consumo e aos direitos básicos
FGV Educação Executiva Основы финансовой грамотности
Saint Petersburg State University via Coursera Contratos internacionales en la era contemporánea
The Pontificia Universidad Javeriana via edX