California Privacy Protection Agency

The California Privacy Protection Agency (CPPA) has published revised draft regulations detailing what it proposes to be required of businesses under the California Consumer Privacy Act (CCPA) to assess, mitigate and document risk before engaging in specified types processing of California residents personal information, and on March 8th is set to vote on advancing them to the public comment stage of rulemaking.Continue Reading More Detail on U.S. Data Processing Assessment Requirements

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Privacy Worlds Kristin Bryan talks to Bloomberg Law on the Supreme Court’s In re Grand Jury Dismissal | Privacy World

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Federal Court Sanctions Company for Spoilation of Evidence Over Arguments Data Settings Changed to Comply with CCPA and ISO

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Biden Administration Issues Executive Order for Privacy Shield Replacement | Consumer Privacy World

Supreme Court to Hear Pair of

On Friday, September 23, the California Privacy Protection Agency (CCPA) held a Board meeting about various CPPA administrative activities.
Continue Reading Update on the California Privacy Protection Agency: Still No Date Certain for the CPRA Regulations

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CPWs Shea Leitch and Kyle Dull to Speak at ACC South Floridas 12th Annual CLE Conference

CPWs David Oberly

The California Consumer Privacy Act (CCPA) currently has limited carve-outs for personal information (PI) collected from a job applicant, employee, owner, director, officer, medical staff member, or independent contractor of a business acting in such capacity (including, without limitation, communications, emergency contact and benefits PI) (HR data). An even broader exception applies to B-to-B communications and related PI (e.g., vendor, supplier and business customer contacts and communications) (B-to-B data). As a result, businesses subject to the CCPA are not currently required to honor CCPA rights requests received from persons concerning HR data and B-to-B data. These carve-outs are set to sunset on January 1, 2023, when the California Privacy Rights Act (CPRA), which substantially amends the CCPA, goes into full effect, at which point HR data and B-to-B data will be fully subject to all of the requirements of the CCPA/CPRA. Many business administrators had hoped that either the California legislature would extend the HR data exceptions (or maybe even make them permanent), or a federal law that limited data subject rights to traditional consumers would pass and preempt CCPA/CPRA. It is now clear that the former is impossible and the latter is highly unlikely. Accordingly, many companies have a lot to do by year-end to prepare to stand up a CCPA/CPRA program for HR data and B-to-B data.
Continue Reading HR and B-to-B Data Compliance Deadline Looming Legislative Efforts to Extend California Consumer Privacy Act Exemptions Fail

On August 24, 2022, California Attorney General Rob Bonta issued a press release announcing the first public settlement by the Office of the Attorney General (OAG) involving alleged violations of the CCPA. The settlement involves a judicial judgment, civil penalties and ongoing monitoring and reporting. The use of noncompliance letters to cajole companies into compliance over many months now appears to be a closed chapter in the CCPA saga. Season 2 promises more drama, more action and more money. Entertaining unless you are the next target!
Continue Reading The Cookie Crumbles Lessons from First California Consumer Privacy Act (CCPA) Monetary Settlement

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation.Please reach out to the authors if you are interested in additional information.

Online Safety in Digital Markets Needs a Joined Up Approach with Competition Law in the UK

Chinas Didi Fined

For years now, California has led the way by setting the standard for privacy and data protection regulation in the United States. Recently and as calls for greater controls over the addictive nature of social media grow louderlegislators in the Golden State have moved closer toward enacting a new, first-of-its-kind privacy law that would prohibit the development and utilization of addictive features by social media platforms. At the same time, state legislators also advanced a second bill that would put in place stringent online privacy protections for minors.

Businesses should monitor the progress of these bills closely, as their enactmentcombined with an increased focus on childrens privacy by both federal lawmakers and the Federal Trade Commission (FTC)may have a ripple effect in other states and municipalities, with legislators following close behind to enact similar childrens online privacy laws.Continue Reading California Moves Closer to Enacting More StringentOnline Privacy Protections for Children