CHAPTER 4: ROLES IN THE CCPA: BUSINESSES, BUSINESS PURPOSE AND SERVICE PROVIDER
Considerable attention has already been given to what constitutes a “business” under the CCPA. As explained, “business” describes covered entities, those organizations primarily responsible for complying, and demonstrating compliance with the CCPA. This responsibility largely hinges on which organization in the data supply chain collects personal information, or directs the means and/or purposes for processing the information. This is similar to the GDPR’s understanding of a “data controller.”
Under the GDPR, there are both “data controllers” and “data processors.” Data processors process personal information on behalf of the data controller, usually based on explicit ...
Get The California Consumer Privacy Act (CCPA) now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
