CPPA

2022 was another eventful year in the realm of privacy, security and innovation.  Privacy World was there every step of the way, to keep you informed on key developments.  Starting next week, we will be rolling out our popular Year in Review series.  As a lead up to that, below are our ten most popular

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

WEBINAR Federal Privacy Legislation: Within Reach After a Decade of Debate. If So, What Next?

Federal Court Dismisses Biometric

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Federal Court Sanctions Company for Spoilation of Evidence Over Arguments Data Settings Changed to Comply with CCPA and ISO

At a two-day meeting that took place on October 28th and 29th, the CPPA considered the CPRA Modified Regulations (Modified Regs) that were published on October 17th of this year. We analyze the initial proposed CPRA regulations here.

On the proposed changes of the Modified Regs, the CPPA Board (the Board) considered clarifying amendments while maintaining the initial intent of the (i.e., no further substantive changes). There are three amendments of particular importance that were discussed:
Continue Reading The California Privacy Protection Agency (CPPA) Decides on a Roadmap for Revised California Privacy Rights Act (CPRA) Regulations

On October 17, 2022, the California Privacy Protection Agency (“CPPA” or “Agency”) published Modified Text of Proposed Regulations (“Modified Regs”) and Explanation of Modified Text of Proposed Regulations (“Explanation of Modified Regs”). The CPPA review of the Modified Regs has been postponed and is now scheduled to be considered during the October 28-29, 2022 public meeting.

Recall that earlier this year, on May 27, 2022, the CPPA published the first draft of the proposed CPRA Regs and initial statement of reasons. The Agency commenced the formal rulemaking process to adopt the Regs on July 8, 2022, and the 45-day public comment period closed on August 23, 2022. The comments submitted in response to the first draft of the Regs are available here.
Continue Reading Revised Proposed CPRA Regs To Be Considered At October 28, 2022 Meeting

Shea Leitch (Of Counsel, Washington, DC) and Kyle Dull (Senior Associate, New York/Miami) will speak on Friday, September 16, at the Association of Corporate Counsel (ACC) South Florida Chapter’s 12th Annual CLE Conference, “Casino Royale: Accepting the In-House Mission.” Shea and Kyle’s aptly named panel, “For Your Eyes Only: Dealing with Security Risks, New

The California Consumer Privacy Act (CCPA) currently has limited carve-outs for personal information (PI) collected from a job applicant, employee, owner, director, officer, medical staff member, or independent contractor of a business acting in such capacity (including, without limitation, communications, emergency contact and benefits PI) (HR data). An even broader exception applies to B-to-B communications and related PI (e.g., vendor, supplier and business customer contacts and communications) (B-to-B data). As a result, businesses subject to the CCPA are not currently required to honor CCPA rights requests received from persons concerning HR data and B-to-B data. These carve-outs are set to sunset on January 1, 2023, when the California Privacy Rights Act (CPRA), which substantially amends the CCPA, goes into full effect, at which point HR data and B-to-B data will be fully subject to all of the requirements of the CCPA/CPRA. Many business administrators had hoped that either the California legislature would extend the HR data exceptions (or maybe even make them permanent), or a federal law that limited data subject rights to traditional consumers would pass and preempt CCPA/CPRA. It is now clear that the former is impossible and the latter is highly unlikely. Accordingly, many companies have a lot to do by year-end to prepare to stand up a CCPA/CPRA program for HR data and B-to-B data.
Continue Reading HR and B-to-B Data Compliance Deadline Looming – Legislative Efforts to Extend California Consumer Privacy Act Exemptions Fail

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Online Safety in Digital Markets Needs a Joined Up Approach with Competition Law in the UK

China’s Didi Fined

SPB Partner Beth Goldstein also contributed to this post.

With the powerful Committee on Energy and Commerce having approved a comprehensive, bipartisan privacy bill by a vote of 53-2, the US House of Representatives is one step closer to approving historic privacy legislation after over a decade of debate. Before formally reporting the legislation to

For years now, California has led the way by setting the standard for privacy and data protection regulation in the United States. Recently— and as calls for greater controls over the addictive nature of social media grow louder—legislators in the Golden State have moved closer toward enacting a new, first-of-its-kind privacy law that would prohibit the development and utilization of “addictive” features by social media platforms. At the same time, state legislators also advanced a second bill that would put in place stringent online privacy protections for minors.

Businesses should monitor the progress of these bills closely, as their enactment—combined with an increased focus on children’s privacy by both federal lawmakers and the Federal Trade Commission (“FTC”)—may have a ripple effect in other states and municipalities, with legislators following close behind to enact similar children’s online privacy laws.Continue Reading California Moves Closer to Enacting More Stringent Online Privacy Protections for Children