The Software Alliance filed comments to the California Attorney General on draft regulations to implement the California Consumer Privacy Act (CCPA) intended to avoid upsetting the business-service provider relationship set...more
A “sale” by any other name?
“We consider, and think the average consumer would consider, that when information is exchanged across devices and platforms, such that an ad follows the consumer from desktop to phone and from...more
The Digital Advertising Alliance has published guidance on the use of a tool for opt out requests under CCPA under its (voluntary) self-regulatory principles....more
The European Data Protection Supervisor (EDPS) has issued guidance on the concepts of data controller and processor for European Union organizations. Though it covers EU institutions, the guidance contains many concepts that...more
11/14/2019
/ California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
The California Attorney General attached a Standardized Regulatory Impact Assessment (SRIA) of the economic impact of the draft California Consumer Privacy Act (CCPA) Regulations to the draft regulations. Some key...more
Do the draft CCPA Regulations make a big difference in compliance costs where it comes to privacy notices? Standardized Regulatory Impact Assessment (SRIA) of the economic impact of the draft CCPA Regulations says – maybe...more
The California Attorney General considered and rejected the creation of a safe harbor exemption from the CCPA for businesses that are already complying with GDPR, says the statement of reasons that accompanies the draft CCPA...more
A survey of 777 registered voters in California showed 88 percent would support The California Privacy Rights Enforcement Act (CPREA), a 2020 ballot measure related to expansion of protections for personal information....more
For a less conservative take, here are the Ten Commandments of California Consumer Privacy Act Compliance:
• Thou shalt make for yourself a person overseeing privacy compliance in thine corporation....more
On Thursday, October 10, the California Attorney General issued draft regulations for the California Consumer Privacy Act. The regulations are open for public comment until December 6, 2019. Much has been written about the...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Right to Delete
Providers of services that involve the personal information of California residents: What do the proposed CCPA Regs mean for your compliance?...more
The California Attorney General has issued long-awaited draft regulations for the California Consumer Privacy Act (CCPA), which is scheduled to take effect in 2020....more
A local Munich court has interpreted the right of access under Article 15 of GDPR and German law. Here are some key takeaways for GDPR and for consumer access requests under CCPA:
The right of access under GDPR is a...more
Un-broker my heart, a late amendment to the CCPA has added data broker registration to the mix.
All data brokers as defined in amendment AB-1202 are required to:
register with the Attorney General on or before January...more
Three proposed amendments to the California Consumer Privacy Act were themselves amended on September 6. Here is a summary of the major changes, with links to the current version of each proposed amendment:
Until 1/1/2021...more
CISO members of the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) published a white paper to help cybersecurity leaders in retail and hospitality prepare for compliance with the California Consumer...more
How do you verify the identity of an individual requesting access to their data or that data be deleted?
The Dutch Data Protection Authority, Autoriteitpersoonsgegevens, offers guidance which can be helpful and instructive...more
6/21/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
General Data Protection Regulation (GDPR) ,
Netherlands ,
Personally Identifiable Information ,
Privacy Laws
The Swedish Data Protection Authority has initiated an inquiry into how song streaming provider Spotify handles data access requests....more
CCPA is coming to a data broker near you?
If passed, AB 1202, one of the amendments making its way through the California legislature, will:
require data brokers to register with the California Attorney General and...more
Why Covered Entities and Business Associates Cannot Ignore the New California Data Privacy Law-
The California Consumer Privacy Act (CCPA) applies to a wide range of for-profit businesses that collect the personal...more
The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, was passed in June 2018 and will take effect in 2020. Dubbed “GDPR Lite,” to denote its similarities...more
The California Consumer Privacy Act (CCPA), which takes effect in 2020, has been dubbed “GDPR-Lite” or “California GDPR” because it shares many concepts and compliance obligations with the EU General Data Protection...more
5/9/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Right to Delete
The California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDPR) apply even to companies with fewer than 250 employees… but they may not know it yet.
A recent study reveals that “Company size...more
A survey shows that most companies are not yet ready for the California Consumer Privacy Act (CCPA), and this includes companies that have undergone compliance processes for the EU General Data Protection Regulation (GDPR)....more
Privacy law experts warn companies not to assume they can comply with the California Consumer Privacy Act (CCPA) because they are in compliance with the EU’s General Data Protection Regulation (GDPR)....more