Archives: CCPA

Subscribe to CCPA RSS Feed

CPRA Rulemaking Begins with an Invitation by the New California Privacy Protection Agency

Photo of Justin T. YedorPhoto of Stanton BurkePhoto of Jeewon SerratoBy Justin T. Yedor, Stanton Burke and Jeewon Serrato on Posted in CCPA, CPRA, Information Security, Online Privacy, Uncategorized
By Justin Yedor, Stanton Burke, and Jeewon K. Serrato For businesses awaiting guidance on how to comply with the California Privacy Rights Act (the “CPRA”), the new California Privacy Protection Agency (“CPPA”) began the rulemaking process on September 22, 2021 with an Invitation for Preliminary Comments on Proposed Rulemaking (the “Invitation for Comment”).  In the … Continue Reading

AdTech Under the CCPA and CPRA

By Alan L. Friel and Kyle R. Fath on Posted in CCPA, CPRA
Please join us for a follow-up discussion on AdTech Under the CCPA and CPRA, originally presented as part of the PrivacyOC Privacy Week Forums 2021. Speakers Alan Friel and Kyle Fath will discuss four seemingly overlapping consumer rights under the CPRA: 1) Do Not Sell, 2) Do Not Share, 3) Do Not Profile, and 4) … Continue Reading

California Voters Approve Reworking of Landmark Consumer Privacy Law – What CCPA 2.0 Will Mean for Businesses and Consumers

By Alan L. Friel and Kyle R. Fath on Posted in CCPA
The nation awoke the morning after Election Day 2020 with much still unresolved.  By early morning Pacific Time, however, it was called by various media outlets that California voters approved a ballot measure, Proposition 24, known as the California Privacy Rights Act of 2020 (CPRA). Referred to by some as CCPA 2.0, the CPRA amends … Continue Reading

California OAG Proposes New CCPA Regs Two Weeks Before Voters Decide on the Fate of CCPA 2.0

Photo of Jeewon SerratoPhoto of Shea M. LeitchPhoto of Patrick WaldropBy Alan L. Friel, Jeewon Serrato, Shea M. Leitch and Patrick Waldrop on Posted in CCPA
On Monday, Oct. 12, the California Office of the Attorney General (the Attorney General or OAG) released a third set of proposed modifications to the California Consumer Privacy Act (CCPA) regulations (the Regulations). The full text can be found on the Attorney General’s website here. The proposed modifications to the Regulations are limited to four … Continue Reading

Jeewon Kim Serrato Co-Authors Article about Pricing, Value of Consumer Data and CCPA’s Non-Discrimination Requirement

Photo of Jeewon SerratoBy Jeewon Serrato on Posted in CCPA
Partner Jeewon Kim Serrato co-authored an article published in the California Lawyer Association’s Fall 2020 issue of the “Competition Journal” of the Antitrust, UCL and Privacy Section.  The article, “Privacy, Pricing, and the Value of Consumer Data: Complex Nature of the CCPA’s Non-Discrimination Requirement,” discusses the intersection of privacy and competition law and provides an in-depth … Continue Reading

Employee Training and Record-Keeping Requirements in the Final CCPA Regulations and a Preview of New Retention Requirements in the CPRA

Photo of Nichole SterlingPhoto of James A. ShererBy Nichole Sterling and James A. Sherer on Posted in CCPA
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s final CCPA Regulations, intended to guide the application of the CCPA, detail that specific types of employee training and record-keeping are required for CCPA compliance. Specifically, … Continue Reading

Return to Work: What Employers Should Know About AB 1281, CCPA Notice Requirements and Recent Labor Law Guidance

Photo of Jeewon SerratoBy Alan L. Friel, Jeewon Serrato and Catrina Wang on Posted in CCPA
While most privacy news and alerts have been focused on the collection and processing of customer data (see our earlier posts about interest-based advertising and the House Judiciary Committee’s Antitrust Hearing with Big Tech, for example), privacy issues related to data collected from employees and business-to-business (B2B) contacts increasingly are becoming a concern for businesses. … Continue Reading

IAB Launches CCPA Benchmark Survey

Photo of Taylor A. BloomPhoto of Gerald J. FergusonPhoto of Linda A. GoldsteinBy Taylor A. Bloom, Kyle R. Fath, Gerald J. Ferguson, Alan L. Friel and Linda A. Goldstein on Posted in Advertising, CCPA
The Interactive Advertising Bureau (IAB), a leading advertising industry organization, has launched a CCPA Benchmark Survey to assess how companies across the digital advertising ecosystem are approaching CCPA compliance. The survey provides an opportunity for companies to anonymously report on their handling of various CCPA matters, including to provide statistics relating to the number of … Continue Reading

CCPA Final Regulations, with a Few Unexpected Changes

Photo of Jeewon SerratoPhoto of Stanton BurkePhoto of Taylor A. BloomBy Alan L. Friel, Jeewon Serrato, Stanton Burke, Kyle R. Fath, Taylor A. Bloom and Catrina Wang on Posted in CCPA
On Friday, August 14, 2020, California Attorney General Xavier Becerra announced approval by the Office of Administrative Law (OAL) of final regulations (Final Regs) under the California Consumer Privacy Act (CCPA). Proposed final regulations were submitted to the OAL by the Office of the Attorney General (OAG) on June 1, 2020. During OAL’s review process, … Continue Reading

California AG Begins CCPA Enforcement

Photo of Jeewon SerratoPhoto of Andreas KaltsounisPhoto of Stanton BurkeBy Jeewon Serrato, Andreas Kaltsounis and Stanton Burke on Posted in CCPA
Last week, the International Association of Privacy Professionals hosted a keynote session with Stacey Schesser, supervising deputy attorney general (AG) of the California Department of Justice, to discuss the July 1 start of the AG’s enforcement authority under the California Consumer Privacy Act (CCPA). The deputy AG discussed the current scope of the AG’s enforcement authority and confirmed that on July 1, … Continue Reading

CCPA Final Regulations Published in Advance of July 1 Enforcement Date

Photo of Jeewon SerratoBy Alan L. Friel and Jeewon Serrato on Posted in CCPA
On June 1, 2020, the Office of the California Attorney General (OAG) submitted the final proposed regulations (final regs) under the California Consumer Privacy Act (CCPA or the Title) to the California Office of Administrative Law (OAL). OAL now has 30 working days, plus an additional 60 calendar days under Executive Order N-40-20 related to … Continue Reading

CCPA Compliance Meets Trade Secret Protection: A Peaceful Coexistence?

Photo of C. Dennis LoomisPhoto of Jeewon SerratoBy C. Dennis Loomis, Alan L. Friel, Jeewon Serrato and Catrina Wang on Posted in CCPA
Since the California Consumer Privacy Act (CCPA) went live on January 1, 2020, businesses have been working to develop procedures for lawfully complying with requests from California consumers relating to their personal information. Such requests may provoke a vexing question for which there currently is no definitive answer in the CCPA: What is the business … Continue Reading

Upcoming Webinars

Photo of BakerHostetlerBy BakerHostetler on Posted in Advertising, CCPA
April 23, 2020: Marketing, Promoting and Pricing Your Products During the Pandemic For some companies, the COVID-19 pandemic has meant trying to cope with flying-off-the-shelf demand; for others, it has meant retail shutdowns, force majeure and trying to find creative new ways to keep sales afloat. For all of us, it has been a time … Continue Reading

California AG Releases Second Set of Modified CCPA Regulations

Photo of Taylor A. BloomBy Alan L. Friel, Taylor A. Bloom, Kyle R. Fath and Catrina Wang on Posted in CCPA, Consumer Data
On March 11, 2020, the California Attorney General published a third version of the proposed regulations to implement the California Consumer Protection Act available here. A redline showing changes against both the initial draft regulations (published October 11, 2019) and the first modified draft (published February 10, 2020) is available here. Notably, the latest regulations … Continue Reading

Ad Industry Split on Cookies and CCPA

Photo of Taylor A. BloomBy Alan L. Friel, Taylor A. Bloom, Kyle R. Fath and Catrina Wang on Posted in Advertising, CCPA
Owners of websites and mobile applications that utilize cookies and other tracking technologies, e.g., pixels, app SDKs (tracking technologies), for interest-based advertising and other activities inherently share data across the digital ecosystem and will have to address these activities as part of their greater California Consumer Privacy Act (CCPA) compliance approach. In particular, the CCPA’s … Continue Reading

California AG Releases Modified CCPA Regulations

By Alan L. Friel on Posted in CCPA
UPDATE:  On February 10, the California Attorney General updated the modified regulations that were issued on February 7.  The updated modified regulations are available here. The public comment period has been extended by one day to February 25, 2020. On February 7, 2020 the California Attorney General published a second version of the proposed regulations … Continue Reading

California AG Press Release Emphasizes CCPA’s Jan. 1 Effective Date and Data Broker Registry, Provides No Update on Draft Regulations

By Kyle R. Fath on Posted in CCPA
On Jan. 6, 2020, the California attorney general (AG) released a CCPA advisory press release and reiterated what we already know – that “businesses subject to CCPA [are] required to begin complying with the law on January 1, 2020” and that California residents are afforded new data privacy rights under the CCPA. Unfortunately, the advisory did not provide any details … Continue Reading

Is the CCPA’s Private Right of Action Provision Retroactive?

Photo of Sean SolisBy Sean Solis on Posted in CCPA
With the California Consumer Privacy Act (CCPA) – the strictest privacy law in the nation – now in effect, an important question for businesses to consider is whether it applies to conduct that occurred prior to the law’s effective date of Jan. 1. This question is particularly relevant to the private right of action section … Continue Reading

Words Matter: Interpreting the CCPA’s Private-Right-of-Action Provision

Photo of Matthew D. PearsonPhoto of Casie CollignonBy Matthew D. Pearson and Casie Collignon on Posted in CCPA
Subject to certain exceptions, the California Consumer Privacy Act (CCPA) provides a private right of action to “[a]ny consumer whose nonencrypted and nonredacted personal information … is subject to an unauthorized access and exfiltration, theft, or disclosure as a result of the business’s violation of the duty to implement and maintain reasonable security procedures and … Continue Reading

CCPA Notice Requirements for Statutory Damages

Photo of James MorrisonPhoto of Casie CollignonBy James Morrison and Casie Collignon on Posted in CCPA
Beginning on Jan. 1, 2020, companies that collect personal information of California residents need to be prepared to prevent and defend against potentially catastrophic litigation if such personal information becomes compromised. Specifically, under the California Consumer Protection Act (CCPA), any California consumer whose nonencrypted or nonredacted personal information is subject to unauthorized access and exfiltration, … Continue Reading
LexBlog