When it comes to privacy regulation enforcement it can be tricky to understand who is leading the charge.  Each regulation handles things individually.  Let’s take a look at those who govern two key regulations: the GDPR (General Data Protection Regulation) and the CCPA (California Consumer Privacy Act).



The GDPR is enforced by a local ICO, or Information Commissioner’s Office, in each area.  These offices have local authority and are able to incorporate other localized laws and regulations or interpretations.


As an example, the Information Commissioner’s Office in the UK provides a variety of resources that explain the changes caused by the GDPR and help organizations comply with its requirements. Visit their website for all kinds of handy info: https://ico.org.uk


CCPA = Attorney General

In California, the Attorney General’s office is key in managing the implications of the CCPA. Visit their website to learn more: https://www.oag.ca.gov/privacy/ccpa