Archives: CCPA

California AG Begins CCPA Enforcement

By Jeewon Serrato, Andreas Kaltsounis and Stanton Burke on July 16, 2020 Posted in CCPA

Last week, the International Association of Privacy Professionals hosted a keynote session with Stacey Schesser, supervising deputy attorney general (AG) of the California Department of Justice, to discuss the July 1 start of the AG’s enforcement authority under the California Consumer Privacy Act (CCPA). The deputy AG discussed the current scope of the AG’s enforcement authority and confirmed that on July 1, … Continue Reading

CCPA Final Regulations Published in Advance of July 1 Enforcement Date

By Alan L. Friel and Jeewon Serrato on June 10, 2020 Posted in CCPA

On June 1, 2020, the Office of the California Attorney General (OAG) submitted the final proposed regulations (final regs) under the California Consumer Privacy Act (CCPA or the Title) to the California Office of Administrative Law (OAL). OAL now has 30 working days, plus an additional 60 calendar days under Executive Order N-40-20 related to … Continue Reading

Three Paths to Final CCPA Regulations by July 1

By Taylor A. Bloom, Kyle R. Fath and Gerald J. Ferguson on May 29, 2020 Posted in CCPA

The California Consumer Privacy Act (CCPA) requires the California Attorney General (AG) to issue regulations to “further the purposes of the title” by July 1, 2020. As that date quickly approaches, various rumors have been circulating about the status of the final regulations and whether they will actually be issued by July 1, or at … Continue Reading

CCPA Compliance Meets Trade Secret Protection: A Peaceful Coexistence?

By C. Dennis Loomis, Alan L. Friel, Jeewon Serrato and Catrina Wang on May 12, 2020 Posted in CCPA

Since the California Consumer Privacy Act (CCPA) went live on January 1, 2020, businesses have been working to develop procedures for lawfully complying with requests from California consumers relating to their personal information. Such requests may provoke a vexing question for which there currently is no definitive answer in the CCPA: What is the business … Continue Reading

Upcoming Webinars

By BakerHostetler on April 21, 2020 Posted in Advertising, CCPA

April 23, 2020: Marketing, Promoting and Pricing Your Products During the Pandemic For some companies, the COVID-19 pandemic has meant trying to cope with flying-off-the-shelf demand; for others, it has meant retail shutdowns, force majeure and trying to find creative new ways to keep sales afloat. For all of us, it has been a time … Continue Reading

Additional 6-Month CCPA Extension Sought in Wake of COVID-19

By Alan L. Friel, Gerald J. Ferguson and Taylor A. Bloom on March 18, 2020 Posted in CCPA

On March 18, we filed a request to the California Attorney General, as part of the CCPA rulemaking process, seeking an additional six month delay in the enforcement of the CCPA to allow our clients time to better focus on business continuity and the safety of consumers and employees in response to the national COVID-19 … Continue Reading

CCPA Class Actions: Can They Include a Blast From the Past?

By Casie Collignon on March 13, 2020 Posted in CCPA, Healthcare

Our Digital Assets and Data Management teams have been tracking all aspects of the CCPA, so when Fuentes v. Sunshine Behavioral Health Group, LLC (Case No. 8:20-cv-00487, Central District of California) was filed on March 10, 2020, alleging a direct claim for violation of the CCPA, we were interested to see how CCPA allegations are … Continue Reading

California AG Releases Second Set of Modified CCPA Regulations

By Alan L. Friel, Taylor A. Bloom, Kyle R. Fath and Catrina Wang on March 11, 2020 Posted in CCPA, Consumer Data

On March 11, 2020, the California Attorney General published a third version of the proposed regulations to implement the California Consumer Protection Act available here. A redline showing changes against both the initial draft regulations (published October 11, 2019) and the first modified draft (published February 10, 2020) is available here. Notably, the latest regulations … Continue Reading

Ad Industry Split on Cookies and CCPA

By Alan L. Friel, Taylor A. Bloom, Kyle R. Fath and Catrina Wang on March 10, 2020 Posted in Advertising, CCPA

Owners of websites and mobile applications that utilize cookies and other tracking technologies, e.g., pixels, app SDKs (tracking technologies), for interest-based advertising and other activities inherently share data across the digital ecosystem and will have to address these activities as part of their greater California Consumer Privacy Act (CCPA) compliance approach. In particular, the CCPA’s … Continue Reading

California AG Releases Modified CCPA Regulations

By Alan L. Friel on February 7, 2020 Posted in CCPA

UPDATE: On February 10, the California Attorney General updated the modified regulations that were issued on February 7. The updated modified regulations are available here. The public comment period has been extended by one day to February 25, 2020. On February 7, 2020 the California Attorney General published a second version of the proposed regulations … Continue Reading

California AG Press Release Emphasizes CCPA’s Jan. 1 Effective Date and Data Broker Registry, Provides No Update on Draft Regulations

By Kyle R. Fath on January 14, 2020 Posted in CCPA

On Jan. 6, 2020, the California attorney general (AG) released a CCPA advisory press release and reiterated what we already know – that “businesses subject to CCPA [are] required to begin complying with the law on January 1, 2020” and that California residents are afforded new data privacy rights under the CCPA. Unfortunately, the advisory did not provide any details … Continue Reading

Is the CCPA’s Private Right of Action Provision Retroactive?

By Sean Solis on January 9, 2020 Posted in CCPA

With the California Consumer Privacy Act (CCPA) – the strictest privacy law in the nation – now in effect, an important question for businesses to consider is whether it applies to conduct that occurred prior to the law’s effective date of Jan. 1. This question is particularly relevant to the private right of action section … Continue Reading

Words Matter: Interpreting the CCPA’s Private-Right-of-Action Provision

By Matthew D. Pearson and Casie Collignon on December 18, 2019 Posted in CCPA

Subject to certain exceptions, the California Consumer Privacy Act (CCPA) provides a private right of action to “[a]ny consumer whose nonencrypted and nonredacted personal information … is subject to an unauthorized access and exfiltration, theft, or disclosure as a result of the business’s violation of the duty to implement and maintain reasonable security procedures and … Continue Reading

CCPA Notice Requirements for Statutory Damages

By James Morrison and Casie Collignon on December 16, 2019 Posted in CCPA

Beginning on Jan. 1, 2020, companies that collect personal information of California residents need to be prepared to prevent and defend against potentially catastrophic litigation if such personal information becomes compromised. Specifically, under the California Consumer Protection Act (CCPA), any California consumer whose nonencrypted or nonredacted personal information is subject to unauthorized access and exfiltration, … Continue Reading

BakerHostetler Comments on Draft CCPA Regulations

By Kyle R. Fath and Taylor A. Bloom on December 9, 2019 Posted in CCPA

The California attorney general (the AG) has concluded the first round of public comments on the proposed regulations that would serve to interpret and implement California’s sweeping new privacy law, the California Consumer Privacy Act (the CCPA). After just under two months since the release of the proposed regulations (the Regs) by the AG and … Continue Reading

Record-Keeping and Training Requirements in the Proposed Regulations for the CCPA

By Nichole Sterling and James A. Sherer on November 26, 2019 Posted in CCPA

The California Consumer Privacy Act (CCPA), California Civil Code §1798.100 and following, does not in itself outline specific training and record-keeping requirements that demonstrate business compliance with consumer requests. However, in October 2019, the California attorney general proposed additional CCPA Regulations intended to guide the application of the CCPA, and Section 999.317 of the proposed … Continue Reading

Refine CCPA Compliance Plan with the Regulations in Mind

By Alan L. Friel on November 18, 2019 Posted in CCPA

We previously announced the publication of the first set of proposed regulations that will implement the California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020. Partner Alan Friel has authored an article published by OneTrust DataGuidance that details how the proposed regulations – and a half dozen amendments to the CCPA that … Continue Reading

Children’s Privacy Law Updates: Tricks or Treats?

By Carolina Alonso and Patrick Waldrop on October 31, 2019 Posted in CCPA, Children’s Privacy

It’s finally here! Halloween, the day every kid dreams of for months. It’s a scary time in the world of children’s privacy law – what with the California Consumer Privacy Act (CCPA) lurking around the corner and the specter of FTC enforcement still lingering in the air. But this year, you’ve planned. You know exactly … Continue Reading

IAB Releases Draft CCPA Compliance Framework for Digital Advertising Industry

By Kyle R. Fath on October 25, 2019 Posted in Advertising, CCPA

The Interactive Advertising Bureau (IAB) publicly released its draft CCPA Compliance Framework for Publishers and Technology Companies (“Framework”) on Oct. 22, 2019. As we reported here, the Framework is being developed by the IAB and the IAB Tech Lab to address the challenges of the CCPA’s Do Not Sell obligation as it relates to interest-based … Continue Reading

A Balancing Act: A Brief Overview of California Privacy Laws

By Kamran Salour on October 23, 2019 Posted in CCPA

The California Consumer Privacy Act (“CCPA”) takes effect on January 1, 2020. The CCPA aims to provide consumers with an unprecedented array of rights concerning the control of their personal information and, correspondingly, imposes an unprecedented array of obligations upon businesses concerning consumers’ personal information. These obligations are not without limitation, however; the CCPA strives … Continue Reading

Just When You Thought It Was Safe to Go Back into the Water – CCPA 2, the Sequel

By Alan L. Friel and Daniel Pepper on October 21, 2019 Posted in CCPA

If you’ve been feeling encouraged about your company’s preparation for the California Consumer Privacy Act’s (CCPA) launch on January 1, 2020, you may not want to breathe a sigh of relief just yet. Alastair Mactaggart, the founder and board chair of Californians for Consumer Privacy (one of the coauthors of the CCPA), is hoping that … Continue Reading

CCPA Amendments Signed into Law by California Governor

By Kyle R. Fath on October 14, 2019 Posted in CCPA

On Friday, October 11, 2019, California’s governor signed into law each of the six CCPA amendment bills passed by the legislature, bringing some finality and clarity to the scope of the CCPA (at least with respect to details which will not be affected by the attorney general’s regulations). In addition to signing into law A.B. … Continue Reading

CCPA Regs: “This is the meat on the bones….”

By Alan L. Friel on October 10, 2019 Posted in CCPA

“Data is today’s gold. Everyone is rushing to mine data. Here in California, we are not unfamiliar with gold rushes… [in fact,][w]e are better than Captain Kirk and the Enterprise. We are going [with the CCPA regulations] to where no one has gone before! [A]nd it’s going to be a great series, maybe they will … Continue Reading

CCPA Exceptions: What Qualifies as Activity ‘Wholly Outside’ of California?

By Arielle Brown and Melinda L. McLellan on September 18, 2019 Posted in CCPA

Much has been said about the scope of the California Consumer Privacy Act (CCPA) and the far-reaching implications the law will have on businesses throughout the United States. Although it is true that the territorial reach of the law is broad, it is not without limits. The CCPA explicitly includes a geographic exception that may … Continue Reading