In this paper, we aim to ease the challenge and complexity of compliance by providing an intelligible resource for readers, regardless of their level of familiarity with data privacy legislation. We compare the rights of individuals across four major data privacy laws, then explain the main responsibilities needed to comply with these rights, thereby mitigating the risk of penalization.
The four laws examined here include:
- the 2020 California Consumer Privacy Act (CCPA)
- the 2023 California Privacy Rights Act (CPRA)
- the European Union’s and United Kingdom’s 2018 General Data Protection Regulation (EU GDPR/UK GDPR)
- China’s Personal Information Protection Law (PIPL).