比较 CCPA 和 GDPR

CCPA 与 2018 年 5 月生效的欧盟《通用数据保护条例》(GDPR) 相似,两项法规都赋予消费者对其数据的权利,并定义了责任。但是,GDPR 规定了额外的义务,例如要求确保个人数据在跨境后受到保护,以及要求企业在发生数据泄露时遵循某些相关规定来向个人和监管机构发出通知。有关 Shopify 针对 GDPR 所做准备工作的详细信息,请查看 Shopify 的 GDPR 白皮书。

为 GDPR 所做的大部分准备工作都适用于 CCPA,但遵守 GDPR 并不等同于遵守 CCPA。GDPR 适用于欧洲居民,而 CCPA 适用于加州居民。GDPR 适用于数据主体的个人数据,而 CCPA 适用于消费者和家庭的个人信息。GDPR 规定了对跨境转移数据的要求,而 CCPA 对数据销售设定了限制。此外,GDPR 和 CCPA 还有不同的数据泄露通知要求和不同的违规处罚。

有关详细信息,请下载 Shopify 的 CCPA 白皮书(英文版)。

Shopify商户官网原文详情:

Comparing the CCPA and GDPR

The CCPA is similar to the European Union’s General Data Protection Regulation (GDPR), which came into effect in May 2018, in that they both give rights to consumers over their data and define responsibilities. However, the GDPR imposes additional obligations, such as the requirement to ensure that personal data is protected as it crosses borders, and requiring businesses to follow certain rules regarding notice to individuals and regulators when a data breach occurs. You can find more information of what Shopify did to prepare for the GDPR in Shopify’s GDPR whitepaper.

Much of the work to prepare for the GDPR applies to the CCPA, but complying with the GDPR doesn't mean that you comply with the CCPA. The GDPR applies to European residents, but the CCPA applies to California residents. The GDPR applies to personal data of data subjects, but the CCPA applies to personal information of consumers and households. The GDPR places requirements on transferring data across borders, but the CCPA places restrictions on the sale of data. Additionally, the GDPR and CCPA have different breach notification requirements and penalties for non-compliance.

For more information, download Shopify's CCPA whitepaper (in English).

文章内容来源:Shopify商户官方网站