Enter your email address and we'll send you a link you can use to pick a new password.


arrow-downarrow-leftarrow-rightarrow-upbiocircleclosedownloadfacebookgplus instagram linkedinmailmenuphoneplaysearchsharespinnertwitteryoutube
Home

CCPA, CPRA’s Hidden ‘Third Party Business’ Classification

CCPA, CPRA’s hidden 'third party business' classification

By now, we all know an organization can be a “business,” “service provider” or “third party” under the California Consumer Privacy Act. However, the questions of what a “third party” is and whether it is a mutually exclusive classification from “business” (or, to a lesser extent, “service provider”) still elicits widely divergent responses. And even if the California Privacy Rights Act passes Nov. 3, these questions will remain relevant.

We seek to demystify this classification conundrum by explaining that your organization is a “third party” whenever it receives personal information from another organization (unless your organization is receiving it in a “service provider” or similar capacity, as discussed in this article).

Read the Full Article on IAPP.org

Authors

Author
Michael Hahn
Senior Vice President & General Counsel
at IAB & IAB Tech Lab

Author
Sundeep Kapur
Associate
at Paul Hastings LLP

Get the latest from IAB in your inbox

Be the first to know. Sign up to receive news about the IAB programs, standards, events, classes, and more!