Employer CCPA FAQs #8: Does the CCPA apply to non-profit employers?

Stephen Evans
BCLP
Contact
LinkedIn
Facebook
X
Send
Embed

As our series of FAQs regarding the California Consumer Privacy Act (“CCPA”) continues we are examining the scope of the law’s jurisdiction.    These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

As a reminder, the CCPA is a new privacy law that applies to data collected about California-based employees.   The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.

For US employers who have not had to comply with the GDPR, the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and implementation of updated or new data policies.  For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).   Employers in compliance with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

Question #8: Does the CCPA apply to non-profit employers? 

Generally, no.

The CCPA applies only to “businesses” – a term that is defined, in relevant part, as including “any legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners” and does business in the State of California.[1]  Based upon this definition most not-for-profit organizations will be exempt from the CCPA.

Like all good general rules, there is an important exception.  Non-profits that “control or are controlled by” or that “shares common branding” with a business may be subject to the CCPA. For this purpose, “control” and “controlled” means ownership of, or the power to vote, more than 50% of the outstanding shares of any class of voting security of a business; control in any manner over the election of a majority of the directors, or of individuals exercising similar functions; or the power to exercise a controlling influence over the management of a company.[2] “Common bonding” means a shared name, servicemark, or trademark.[3]

[1]           CCPA, § 1798.140(c)(1).

[2]           CCPA, § 1798.140(c)(2).

[3]           Id.

[View source.]

Written by:

BCLP
BCLP
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

BCLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide