California Privacy Rights Act/Proposition 24

The California Privacy Rights Act (CPRA) takes effect on January 1st, 2023. Unlike other regulations, under CPRA, organizations are no longer left with a rectification period to fix non-compliance. While the bill was passed on November 3rd, 2020, numerous drafts have been submitted, leaving confusion in interpretation for organizations.


With California touted to be the fourth largest economy in the world, you cannot risk non-compliance and impact brand trust. Organizations are left with little time to fast-track compliance.

Key takeaways include:

Benefits Icon

What to expect with CPRA

Reduction Icon

The role of the California Privacy Protection Agency

Reduction Icon

How to best prepare for CPRA compliance

CPRA Flash Guidance

The purpose and intent of the people
of the State of California is “to
further protect consumers’ rights,
including the constitutional right of
privacy. Unlike GDPR, the CPRA
is aimed at for-profit businesses in California only meant to regulate
data collection, storage, processing,
sale, and sharing practices.”

CPRA Flash Guidance

“Using the suite of TrustArc tools is incredibly important to us to document and track compliance with our global privacy program.”

Chief compliance officer, industrial company

You are not alone

The road to understanding the increased consumer rights and new mandates for enterprises in California under CPRA doesn’t have to be daunting. A new category of Sensitive Personal Information, no cure period, an independent enforcement authority, and how these impact your organization are a few among many provisions organizations should start preparing for compliance.

Time to compliance: Down from eight to just three weeks

Before using TrustArc the customer’s processes were highly manual, inefficient and spreadsheet based. Now, with the automation of the TrustArc platform, time to compliance has been reduced by 75%.

About TrustArc

TrustArc powers privacy compliance and risk management with integrated technology, consulting and TRUSTe certification solutions—addressing all phases of privacy program management. The foundation for our solutions is the TrustArc Privacy Platform which provides a flexible, scalable, and secure way to manage privacy. Our technology platform, fortified through six years of operating experience across a wide range of industries and client use cases, along with our services, leverage deep privacy expertise and proven methodologies which we have continuously enhanced through thousands of client projects over the past two decades. Headquartered in San Francisco, and backed by a global team, we help over 1,000 clients worldwide demonstrate compliance, minimize risk, and build trust. For more information, visit

© 2022 TrustArc Inc | Privacy Policy