The California Consumer Privacy Act: The ethos, similarities and differences vis-a-vis the General Data Protection Regulation and the road ahead in light of California Privacy Rights Act

Tripti Dhar, Partner, Reina Legal LLP

Click the button below to download the full text of the article.



Abstract: Amidst the ongoing privacy concerns, legislations like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have given individuals the insight into their personal data and a control thereof. These legislations, however, must not be viewed as impediment to business but as business enablers that ensure successful conduct of business while balancing the rights of the individuals vis-à-vis that of the businesses. This paper seeks to delve into the spirit and the most striking features of CCPA. The paper also aims to compare the GDPR and CCPA so as to ascertain the key similarities and key differences between the two. The paper finally attempts to trace the journey of global companies in the quest to achieve compliance before 1st January, 2020. As of today, businesses are faced with a peculiar circumstance. They have aligned their businesses in line with the GDPR and are now also required to align with the obligations under CCPA. The procedural aspect has the business taken by storm. To make matters complicated, businesses are now faced by the California Privacy Rights Act (CPRA) and the relevant compliances expected of them. The paper seeks to conclude with a roadmap for global businesses in such a factual matrix.


Keywords: CCPA, GDPR, CPRA, data protection, data privacy


Tripti Dhar is a partner at Reina Legal LLP and heads the Data Protection and Privacy practice for India, EMEA and USA. She is an alumnus of NALSAR University of Law, Hyderabad, India and has a work experience of more than nine years in Information Technology (IT) and TMT. She is a Fellow of Information Privacy (FIP) as designated by the International Association of Privacy Professionals (IAPP) and holds the CIPP/E and CIPM certifications. She is also a certified ISO 27001 Lead Auditor as issued by the British Standards Institute (BSI). She is admitted to practice in the courts of India and has previously advised clients across the sectors of, inter-alia, IT, TMT, healthcare, hospitality, fintech, media and entertainment. She has undertaken many speaking engagements in and conducted trainings and workshops across various sectors. Tripti’s core focus area is evolving data protection law and jurisprudence across the globe.


Read this featured article now.
To read this article and receive further updates on Henry Stewart Publications content please register using the form below.