June 2019
Intermediate to advanced
172 pages
3h
English
Considerable attention has already been given to what constitutes a “business” under the CCPA. As explained, “business” describes covered entities, those organizations primarily responsible for complying, and demonstrating compliance with the CCPA. This responsibility largely hinges on which organization in the data supply chain collects personal information, or directs the means and/or purposes for processing the information. This is similar to the GDPR’s understanding of a “data controller.”
Under the GDPR, there are both “data controllers” and “data processors.” Data processors process personal information on behalf of the data controller, usually based on explicit ...