Significant changes to CCPA in 2023 – an overview - Actonic – Unfolding your potential
We have outsourced our Atlassian licensing and services business to the newly founded Seibert Solutions GmbH. Actonic's products will be further developed under the usual name.

Significant changes to CCPA in 2023 – an overview


The California Consumer Privacy Act CCPA was established as a law by the state legislator on June 28, 2018, to protect the consumer’s privacy throughout the golden state. CCPA went into effect on January 1, 2020, providing California residents with the right to data privacy and regulating how businesses handle personal information.

Found this topic helpful?

If you want to learn more about it,
don't miss what's coming. Get updates here:

Thank you! Please confirm your e-mail address using the link we just sent you.

Sorry, but something went wrong. Please contact us here:

However, on October 17, 2022, several revised modifications were added to the privacy data CCPA, and companies across California should abide by these new amends in 2023. This recent and significant update, CPRA California Privacy Rights Act, includes new regulations. It has been in effect since January 1, 2023, forcing companies and organizations to prepare their data mechanism to comply with the recent changes.

What are the latest conversions and upgrades in the CCPA for 2023?

On November 3, 2020, California voters favored Proposition 24, also known as the CPRA. This law provides consumers additional protection and includes a series of efficient privacy rights. It is sometimes referred to as “CCPA 2.0.”, but it does not replace CCPA.

Please don’t confuse CCPA with CPA – you can find a detailed explanation in our article: Data Privacy Laws explained.

The CCPA consisted of several rights: the right to know, the right to delete, the right to opt out of a sale, and the right to non-discrimination. However, the CPRA added a few alterations and new amendments:

  • The right for users to request correct inaccurate PII (personally identifiable information) and SPI (sensitive personal data)

  • The right to limit or disclose SPI “sensitive personal information.” The SPI includes the following points: biometric and genetic data, social security, driver’s license, passport number, state identification card, passwords, debit and credit card numbers, racial, ethnic origins, or religious details, union membership, and location.

  • The right for California residents to opt out of any profiling being shared or sold to third parties. Organizations will also face penalties if they sell and share personal information regarding minors without any parental or guardian consent.

  • The ability to allow consumers to request from businesses “look back” on all the personal data that was gathered, with whom, and how it was shared, dating back to 12 months. This “look back” provision can be provided from January 1, 2022, until the CPRA becomes effective on January 1, 2023.

Changes for CCPA in 2023 due to CPRA

It is required under CPRA to retain a minimum amount of data that is only essential for the organization to fulfill its requirements. In addition, businesses should not keep data for longer than necessary; if they do, a justification must be presented, and they must notify the user. The criteria to Comply with CPRA remained almost the same as in CCPA, but with a slight change:

  1. Businesses should comply if they obtain a revenue of more than $25 million or gain 50% from selling personal data.

  2. Businesses should comply if they process data of more than 100,000 users instead of 50,000.

The California Privacy Protection Agency was created to enforce the CPRA starting July 1, 2023. It is responsible for raising awareness about data privacy and ensuring that consumers’ rights are protected while implementing penalties on non-compliant entities.

Suppose you’re a business owner in California. In that case, it’s essential to be aware of the recent changes in California privacy laws 2023 to ensure your company is abiding by the rules to prevent extreme fines and damages to your business.

Relying on software and applications is the perfect solution for organizations to regulate all the data they retain while following the requirements to comply with the CCPA in 2023.

Interested in Data Security? Then go on and find out what the difference between CCPA and GDPR is.

Want to continue reading?

There’s more where this came from. To receive related content, sign up below and get updates whenever we have new insights for you to share.

Thank you! Please confirm your e-mail address using the link we just sent you.

Sorry, but something went wrong. Please contact us here:

How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 1

No votes so far! Be the first to rate this post.