The California Consumer Privacy Act and EU Businesses – Another Hurdle in Race for Compliance?


03 Oct 2019

Morrison & Foerster Global Privacy & Data Security Group co-chair Alex van der Wolk and partner Annabel Gillham authored an article for CIO that offers advice on the implications of the California Consumer Privacy Act on EU businesses.

The article covers the CCPA’s new privacy obligations for organizations doing business in California, which go into effect on January 1, 2020, and advises businesses established in the EU on how to assess whether they are in the scope of the CCPA. “The good news is that organizations that have already implemented a GDPR compliance programme will have an advantage over a business that was not subject to the GDPR,” Alex and Annabel write. “The not-so-good news is that those efforts alone will not be enough to comply fully with the CCPA, and there may be some additional steps that need to be taken.”

Alex and Annabel break down each of these steps for businesses, discuss the similarities and differences between the CCPA and the GDPR, and share tips for how businesses can comply with each requirement.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.