Does “personal information” include aggregate or de-identified information?
By its terms, the definition of personal information excludes aggregated or de-identified information. Specifically, pursuant to an amendment enacted by the California legislature in late 2019, the definition of personal information was modified to state that “’[p]ersonal information’ does not include consumer information that is deidentified or aggregate consumer information.”1
For more information and resources about the CCPA visit http://www.CCPA-info.com.
This article is part of a multi-part series published by BCLP to help companies understand and implement the General Data Protection Regulation, the California Consumer Privacy Act and other privacy statutes. You can find more information on the CCPA in BCLP’s California Consumer Privacy Act Practical Guide, and more information about the GDPR in the American Bar Association’s The EU GDPR: Answers to the Most Frequently Asked Questions.
1. CCPA, Section 1798.140(o)(3).
This document provides a general summary and is for information/educational purposes only. It is not intended to be comprehensive, nor does it constitute legal advice. Specific legal advice should always be sought before taking or refraining from taking any action.