The CCPA and the GDPR Are Not the Same: Why You Should Understand Both
W. Gregory Voss, 'The CCPA and the GDPR Are Not the Same: Why You Should Understand Both,' CPI Antitrust Chronicle, Jan. 2021, Vol. 1(1), pp. 7-12, available at https://www.competitionpolicyinternational.com/the-ccpa-and-the-gdpr-are-not-the-same-why-you-should-understand-both/.
8 Pages Posted: 28 Jan 2021 Last revised: 24 Feb 2021
Date Written: January 18, 2021
This article gives a comparative view of two main pieces of data privacy legislation from, respectively, California and the EU: the CCPA and the GDPR. While there are similarities between the two, there are differences, as well, providing challenges for compliance. For example, both instruments have extraterritorial effect, however only the GDPR is truly omnibus legislation given the CCPA carveouts for areas of federal legislation and its thresholds for application. Thus, this article aims to provide certain elements to be taken into consideration in evaluating legislation on both sides of the Atlantic.
Keywords: CCPA, GDPR, California Consumer Privacy Act, General Data Protection Regulation, data protection, data privacy
JEL Classification: K2, K22, K23
Suggested Citation: Suggested Citation