New Guide Compares Privacy Laws in EU and California



December 7, 2018
Contact: Nat Wood, [email protected], 410-507-7898

New Guide Compares Privacy Laws in EU and California

Guide and December 13 Webinar from FPF and DataGuidance
Explore GDPR & CCPA, Potential Federal Privacy Law

Washington, DC – The Future of Privacy Forum and DataGuidance have released a new report, Comparing privacy laws: GDPR v. CCPA, which analyzes and contrasts the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act of 2018 (CCPA). GDPR, which became effective in the EU on May 25, 2018, and the CCPA, scheduled to go into effect January 1, 2020, both aim to protect individuals’ personal data and apply to businesses that collect, use or share that data, online or off.

“There is a growing consensus about the need for comprehensive federal privacy legislation in the U.S.,” said Jules Polonetsky, CEO of the Future of Privacy Forum. “Policymakers will appreciate the insights and comparisons in this report even though the scope and approach for a federal privacy law will rightly differ from those of the GDPR or the CCPA.”

The report details how the two laws differ in significant ways, including their scope of applicability, the extent of collection limitations and rules concerning accountability. However, they are similar in certain definitions, the establishment of additional protections for people under age 16 and the inclusion of rights to access personal information, among other provisions.

“Given the size and influence of the EU and California, their privacy rules will each have a global effect,” said David Longford, CEO of DataGuidance. “Organizations around the world will find the guide helpful in understanding and complying with the GDPR and the CCPA.”

The guide compares the two pieces of legislation based on their scope, key definitions, legal basis, the rights they provide, and their approach to enforcement. Each topic includes relevant articles and sections from the two laws, a summary of the comparison, and a detailed analysis of the similarities and differences between the GDPR and the CCPA.

On December 13, 2018, at 10:00 a.m. EST, FPF and DataGuidance will host a GDPR v. CCPA webinar to compare the two laws and discuss future developments in California and at the federal level. Speakers will include FPF Policy Counsel Stacey Gray and Gabriela Zanfir-Fortuna and DataGuidance CEO David Longford and Global Privacy Director Alexis Kateifides. Those interested in participating in the webinar may register at

FPF has long supported a comprehensive federal consumer privacy law, believing that both businesses and consumers will gain from one clear standard that provides necessary protections for consumers and certainty and guidance for industry. FPF recommends that such a law address issues of interoperability with existing federal sectoral laws and global privacy frameworks while avoiding conflicts with existing requirements in order to promote beneficial cross-border data flows.


The Future of Privacy Forum is a non-profit organization that serves as a catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies. Learn more at