CPRA Series: Part Two – Consumer Rights
Most privacy laws derive from the same core foundational principles, namely the Fair Information Practice Principles (FIPPs). This includes the California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act of 2020 (CPRA), Gramm-Leach-Bliley Act (GLBA), Fair Credit Reporting Act (FCRA), Health Insurance and Portability and Accountability Act of 1996 (HIPAA), Driver's Privacy Protection Act (DPPA), and even Europe's General Data Protection Regulation (GDPR).
Intended as guidelines that represent how organizations should collect and use personal information, the FIPPs recommend certain safeguards to ensure data collection practices are fair, and businesses are transparent about their privacy practices. In part, the FIPPs establish a framework for allowing consumers to have more control over how their information is collected and used. To this end, the Individual Participation Principle states that individuals should have the right to access, correct, and delete their personal information.
Building on the Individual Participation Principle, the passage of the CCPA made California the first state to provide consumers with individual rights to give them more control over the personal information that businesses collect about them. Less than two years later, the CPRA adds certain consumer rights not available under the CCPA and amends certain CCPA consumer rights to provide additional rights to consumers.
Read part two of our five-part series on the CPRA in the Daily Journal.