On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690), a bill that seeks to add a “commercial business purposes” exception to the California Invasion of Privacy Act (CIPA).
After multiple readings on the Senate floor, SB 690 passed as amended, and will now proceed to the California State Assembly. SB 690, as originally drafted, was explicitly made retroactive to any cases pending as of January 1, 2026. The most recent amendments on the Senate floor remove the retroactivity provisions, meaning the bill, if passed by the Assembly and signed by the Governor, will only apply prospectively. The amendments to remove the retroactive provisions of SB 690 are not unexpected. Retroactive application provisions are traditionally frowned upon by the California legislature and may offend due process principles.
If passed, SB 690 would exempt the use of certain online tracking technologies from violating CIPA, provided they are used for a “commercial business purpose” and comply with existing privacy laws like the California Consumer Privacy Act (CCPA). SB 690 could significantly impact prospective litigation under CIPA for online business activities. Indeed, there may be the proverbial “rush to the courthouse” if plaintiffs and plaintiffs’ attorneys begin to feel that passage of SB 690 is forthcoming or likely, now that the bill will proceed to the State Assembly.
Businesses may want to consider engaging their government relations teams or contacting members of the California State Assembly to express their positions on the bill as it now passes to the other chamber of the California legislature.
