In November 2020, California voters approved Proposition 24 – also known as the California Privacy Rights Act (CPRA) – a ballot initiative that amended the California Consumer Privacy Act (CCPA). While the CCPA explicitly granted data privacy rights to California residents in their capacity as consumers, the CPRA grants employees additional rights with respect to their data rights.
Read more »Tag: ccpa
-
California Employers’ New Obligations Under the CPRA Posted on: May 11, 2022 In: Labor & Employment
-
CCPA 2.0 and the Changing Privacy Landscape, Part VII: Penalties and Enforcement Mechanisms Posted on: June 02, 2021 In: Data Privacy & Cybersecurity
As discussed throughout this series, the passage of the California Privacy Rights Act (CPRA) will change the privacy landscape in California and impact the compliance efforts of businesses serving California consumers. In addition to expansion of the rights promised to consumers under the California Consumer Privacy Act (CCPA), this seventh installment in our series discusses the new penalties and enforcement mechanisms for subject businesses created by passage of the CPRA on November 3, 2020.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part VI: CPRA’s Impact On Service Providers, Contractors, and Third Parties Posted on: April 05, 2021 In: Data Privacy & Cybersecurity
As detailed in our ongoing series, the passage of the California Privacy Rights Act (CPRA) promises to drastically change the privacy landscape in the Golden State, and affect the privacy compliance efforts of many businesses that service customers in California.
Read more »
-
Virginia’s Consumer Data Protection Act: Not Quite The CCPA Posted on: March 02, 2021 In: Data Privacy & Cybersecurity
Though it seems Virginia is following California’s lead by becoming the second state with its own comprehensive data privacy legislation, Virginia’s Consumer Data Protection Act (CDPA) diverges from the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) in that it is far more business-friendly and does not have the “teeth” that the CCPA does.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part V: New & Expanded Consumer Rights Posted on: February 08, 2021 In: Data Privacy & Cybersecurity
The newly-passed California Privacy Rights Act (CPRA) includes additional and expanded consumer rights not currently existing under the California Consumer Privacy Act (CCPA). This fifth installment in our series about the changes to the CCPA brought by the CPRA focuses on consumers’ new rights of correction and access to certain personal information and revisions to certain existing consumer rights in the CCPA, including rights to know (and access), deletion, non-discrimination, and rights for minors.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part IV: Data Minimization & Retention Posted on: January 26, 2021 In: Data Privacy & Cybersecurity
The fourth installment in our ongoing series about changes to the California Consumer Privacy Act (CCPA) focuses on the new data minimization and data retention requirements for subject businesses created by the passage of the California Privacy Rights Act (CPRA) on November 3, 2020. These provisions also obligate subject entities to implement business-wide internal policy changes to accommodate the possible need to change their data collection and retention policies before the CPRA is fully operative.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part III: Notice Obligations & Right to Opt Out Posted on: January 15, 2021 In: Data Privacy & Cybersecurity
This third installment in our ongoing series about changes to the California Consumer Privacy Act (CCPA) focuses on the new consumer opt-out rights and business disclosure obligations created by the California Privacy Rights Act (CPRA), which was approved by voters last November. Part I of this series looked at the CPRA’s definition and treatment of “sensitive personal information.” Part II discussed covered “businesses” and exemptions.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part II: CPRA’s Covered “Businesses” & Exemptions Posted on: December 29, 2020 In: Data Privacy & Cybersecurity
California voters’ approval of the California Privacy Rights Act (CPRA), a privacy ballot initiative that amends and expands the California Consumer Privacy Act (CCPA), is a significant development in the U.S. privacy world. In this second installment of our Digital Insights series on the major changes effected by the CPRA, we discuss what qualifies as a regulated "business" under the Act, and what data exemptions exist.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape: CPRA’s Definition and Treatment of “Sensitive Personal Information” Posted on: December 23, 2020 In: Data Privacy & Cybersecurity
On November 3, 2020, Californians approved Proposition 24, a ballot measure creating the California Privacy Rights Act (CPRA), which amends and expands the provisions and requirements of the California Consumer Privacy Act (CCPA). In this Digital Insights series on the CPRA, we will highlight and detail some of the most substantive and important modifications the new law will impose on the CCPA, and what those changes mean to businesses subject to California’s ever-evolving privacy regime.
Read more »
-
California Voters Make CCPA 2.0 a Reality – California Privacy Rights Act Ballot Measure Passes Posted on: November 10, 2020 In: Data Privacy & Cybersecurity
On November 3, 2020, California voters approved Proposition 24, otherwise known as the California Privacy Rights Act (CPRA), a ballot measure that will expand the privacy protections for California residents under the existing California Consumer Privacy Act (CCPA). Effective January 1, 2023, the CPRA significantly amends the CCPA by expanding consumer rights, heightening privacy protections, and establishing an enforcement agency dedicated to protecting consumers through vigorous enforcement of the law.
Read more »
-
California Seeks to Heal HIPAA & CCPA Divisions with AB 713 Posted on: October 19, 2020 In: Data Privacy & Cybersecurity
On September 5, 2020 the California legislature passed AB 713, amending the California Consumer Privacy Act (CCPA). The bill alleviates some of the burdens imposed on medical research and healthcare operations by the CCPA, and imposes new requirements and restrictions on businesses that sell or disclose de-identified health data. The bill also contains an emergency clause enabling it to take effect immediately upon the governor's approval.
Read more »
-
California Legislature Extends CCPA Exemptions for Employees’ Personal Information & “Business-to-Business” Exchanges to 2022 Posted on: September 24, 2020 In: Data Privacy & Cybersecurity
But for limited exemptions added to the California Consumer Privacy Act (CCPA) last year, personal information exchanged in the employment context, and personal information collected through “business-to-business” exchanges, would be subject to all requirements of the CCPA. Those exemptions were set to expire next year. However, the California legislature has recently voted, through Assembly Bill 1281, to extend the exemptions until January 1, 2022.
Read more »