Skip to Main Content

4 Consumer Rights Under the CCPA You Need to Know

Human rights are entitlements based on shared values like fairness, respect, equality, and independence. They belong to everyone, no matter where they’re born or how they live.

But is privacy a human right? Or is it a privilege?

We turned to Michelle Dennedy, CEO of the data company DrumWave to get some answers about privacy and consumer rights under the CCPA.

Please accept personalization cookies to watch this video.

Excuse Me, Your Data is Showing

According to Michelle, you probably created data before you made breakfast this morning. She says, “Every day you wake up in the morning, you check your email, you get in your car, you’re using GPS, you’re typing into your systems…you are creating more and more information.”

Essentially, you’re putting out pieces of data every time you interact with an online device. But because you don’t see the data pouring out of your fingertips and floating through the air, you tend to forget about it.

But this is a problem. As Michelle explains, “Be aware that your digital activity is very similar to a digital tattoo. There’s a lot of information that goes out. It’s very difficult to retract.”

Unfortunately, not everything we put out is innocuous. And some types of data can come back to haunt us. “You may have shared something that you regret later. We’ve all done it,” says Michelle. “Does this mean you’ve relinquished your rights to have privacy online? Absolutely not.”

So, is privacy online only a privilege? Absolutely not. It’s a right.

 New consumer rights under the CCPA have changed how we think about data and the right to privacy. Explore the following consumer rights to see what you can do about your privacy online as a Californian and what you should fight for in other states.

  1. The right to know when personal information is being collected.

The CCPA requires businesses to inform consumers when personal information is being collected during online interactions. They must also disclose how they intend to use collected data.

Depending on where you live, you may have noticed a drastic increase in the number of “cookie” notification pop-ups on websites. These consent notices are designed to inform consumers about what type of cookies a website is using and how it will be used. Being able to deny a website the ability to use cookies is a result of internet privacy laws.

2. The right to request specific categories of information.

The CCPA grants consumers the right to ask a business to disclose categories and specific sections of personal data collected during online interactions. Businesses must also tell consumers what categories of information are shared with third parties.

When reviewing your cookie consent pop-up, see if it mentions third-party cookies. You have the right to only block third party cookies by adjusting the settings in your web browser.

3. The right to opt out of the selling of personal information.

Consumers have the right to decline their personal information being sold by a business. Businesses are prohibited from discriminating against consumers who exercise this right.

You may notice a “Do Not Sell My Personal Information” link on websites (unless a separate homepage is dedicated to California consumers) that allows you to opt out of the sale of personal information.

4. The right to delete personal information.

The CCPA gives consumers the right to request personal information be deleted. Businesses must comply with a consumer’s request, unless a type of data is required to be saved by law.

You should find more information on what can be deleted and what can’t in a company’s privacy policy, which has certainly been updated to meet CCPA regulations. If you live in California, you may have noticed a sudden influx of such emails in your inbox as companies made necessary adjustments to their previous policies.

These are just some of the new consumer rights under the CCPA. See the full text to learn more.

How To Enact Your Privacy Rights

As a consumer under the CCPA, it’s important to remember that it’s up to you to make sure your rights are being respected. Here’s how.

If a company conducts business in California (physically or virtually), collects personal data of a California resident, and EITHER has an annual gross revenue of more than $25 million, collects, purchases, sells, or shares personal data of 50,000 consumers or more annually, or generates a minimum of 50 percent annual revenue from personal information sales, they must comply with the CCPA.

We’ve found that most businesses are very open with their journey to becoming CCPA compliant. A quick Google search of “business name CCPA” should bring up any blog posts, announcements, or FAQs provided by the business. The CCPA requires that all individuals handling consumer inquiries are fully informed of the law and understand how to direct consumers to exercise their rights.

Next, do a little detective work. Every business should have a method and process for submitting consumer requests concerning their personal data. Look for a toll-free phone number or direct email address. Be specific and direct with your requests. Remember, consumers have many rights under the

After you’ve submitted your request, either verbally or in writing, wait for confirmation and action. Should a business fail to comply, Reach out to your legal representative to see what your next steps should be if your rights have been violated under the CCPA.

Don’t wait for a business to ask how you want your data handled. As a California resident, the consumer rights under the CCPA are for you to own and act upon. If you don’t live in California, these rights should inspire you to contact your local legislators and demand change.

Michelle puts it best. “We have a right to continue to tell our data story the way that we want to tell it. Privacy is a right.”

Up next, we’ll discuss if privacy laws really make us safer…or if they’re just an illusion.

Did you miss the first in the series? Catch up here.

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.
Avira logo

Reclaim your online privacy

Avira logo

Reclaim your online privacy

Avira logo

Reclaim your online privacy

Avira logo

Reclaim your online privacy