gbrain: sync converted org-mode brain files

2026-05-23 06:35:21 +00:00
parent 3f38e87f4f
commit 44299599f9
38 changed files with 1248 additions and 856 deletions
--- a/ideas/compliance/ccpa-cpra.org
+++ b/ideas/compliance/ccpa-cpra.org
@@ -0,0 +1,23 @@
+:PROPERTIES:
+:ID:       auto-ccpa-cpra
+:CREATED:  [2026-05-23 Sat]
+:END:
+#+title: 
+#+filetags: :passepartout:compliance:framework:ccpa:
+
+
+California's comprehensive privacy law — the closest US analogue to GDPR.
+CPRA (effective 2023) amended and strengthened CCPA. Key rights: right to
+know, delete, opt out of sale/sharing, correct inaccurate data, limit use
+of sensitive PI. Private right of action for data breaches.
+
+Who must comply: For-profit businesses with >$25M revenue, or handling >100K
+consumer records, or deriving >50% revenue from selling PI. Extraterritorial —
+applies to any business collecting CA resident data.
+
+Penalties: $2,500 per violation (intentional: $7,500). Private right of action
+for breaches: $100-$750 per incident per consumer. CPRA created the California
+Privacy Protection Agency (CPPA) for enforcement.
+
+Why it matters: The opt-out/sale/sharing requirements create complex data flow
+gate rules. The gate stack can encode "this data flow crosses a CCPA boundary"