Comparative characteristics of legal regulation of personal data protection in the US and Europe: CCPA vs GDPR

: 72-77

Korneliuk Y., Seredynska Y. "Comparative characteristics of legal regulation of personal data protection in the US and Europe: CCPA vs GDPR"

Lviv Polytechnic National University Institute of Law and Psychology, Assistant of the Department of Theory and Philosophy of Law
student Institute of Law, Psychology and Innovative Education

The article analyzes and compares the legal regulation of personal data protection in the form of European and American acts - General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and California Consumer Privacy Act (CCPA). Сollection, processing, and sale of personal data in accordance with relevant legal acts; the scope of legal acts differs according to 3 traditional criteria: the number of persons, the subject of regulation and the territory of application are analyzed in the article. It also raises the issue of protection of personal data by legal means during their collection, processing and sale in information systems. Trends in the development of the Personal Data Protection Institute in the context of the US and Europe are explored, as well as the essence of the concept and general principles of personal data development. The development of EU legislation in the field of personal data protection and the basis of its practical implementation are studied. Proposals for the implementation of Ukrainian and EU legislation have been submitted. A thorough analysis of the US and European legal frameworks and principles of personal data protection, which form the basis of current practice in this field, has been carried out. The question is raised as to the peculiarities of the grounds on which the personal data of the subject can be lawfully processed in accordance with the General Data Protection Regulation and the California Consumer Privacy Act. A comparison of the concept of data subject, GDPR and CCPA GDPR establishes six such grounds. A key position is the consent of the data subject to process it. Particular attention is paid to the study of "sensitive data" in the General Data Protection Regulation. The term data refers to information that reveals race, ethnicity or religion; religious or philosophical beliefs; political views and beliefs; processing of biometric and genetic data for the sole identification of the individual, as well as their health, sexual life or sexual orientation. In contrast, the CCPA does not impose any restrictions or modes on the collection and processing of relevant categories of personal data.

Mel`ny`k K. S. (2013). Inozemny`j ta vitchy`znyany`j dosvid stanovlennya insty`tutu zaxy`stu personal`ny`x dany`x. [Information security of man, society, state]. #2 (12). P. 97-103. 2. Comparing Privacy Laws GDPR v. CCPA URL: . 3.General Data Protection Regulation URL: 4.California Consumer Privacy Act URL: