Does your state have its own version of the TCPA? Yes. California has what is known as the California Consumer Privacy Act of 2018, which is located in sections 1798.100 to 1798.199.100 of the California Civil Code. The...more
In October, California enacted its newest privacy legislation, commonly referred to as the “Delete Act” (California Senate Bill No. 362). The Delete Act will allow consumers to request that any data broker that maintains any...more
California Governor Newsom recently signed SB 362, known as the Delete Act, which creates a one-time mechanism for consumers to request that data brokers delete all personal data associated with the consumer. ...more
The state of California is on the verge of amending its current data broker law with Senate Bill 362, also known as the Delete Act (“the Act”). The Act passed in the Assembly’s Committee on Privacy and Consumer Protection and...more
The Indiana Legislature is poised to pass Senate Bill 5, a comprehensive privacy statute (the “Act”), and send it on to the Governor. Once signed, the Act will become operative on January 1, 2026, and make Indiana the seventh...more
On January 1, 2023, the California Privacy Rights Act (CPRA) went into full force and effect, heralding a new era of statewide personal information (PI) regulation. The CPRA provides even more protection for California...more
The California Privacy Rights Act will go into full effect on January 1. The CPRA is commonly referred to as a “new” act, but is actually an add-on/modification to the California Consumer Privacy Act of 2018, which has been...more
The so-called “HR exemption” taking employee and applicant personal information out of the control of the California Consumer Privacy Act (CCPA) is about to come to an end. Employers who are “businesses” for purposes of the...more
Following the passage of the California Privacy Rights Act (CPRA), for the past two years, employers have been partially exempt from many of the California Consumer Privacy Act's (CCPA) mandates pertaining to applicants,...more
Keypoint: The CPA draft rules are a complex and lengthy set of regulations that, if adopted without substantial modification, will significantly expand the CPA’s requirements and require controllers to carefully consider...more
If you’ve relied on the temporary “exemption” for employee/applicant and business-to-business (B2B) personal information under the California Consumer Privacy Act (CCPA), those exemptions will expire on January 1, 2023. The...more
The California Consumer Privacy Act (CCPA) exemptions for employee and business-to-business Personal Information (PI) likely will not be extended. Aug. 31, 2022 was the last day for each house to pass bills, per the...more
Last week, the California Legislature failed to reach agreement on an extension to the employee exemption which applies to the California Consumer Privacy Act (CCPA) which currently exempts employees and employee data from...more
For the past few years, California’s comprehensive privacy law known as the California Consumer Privacy Act (“CCPA”) included an important partial exemption for employees, applicants, and independent contractors...more
Most privacy laws derive from the same core foundational principles, namely the Fair Information Practice Principles (FIPPs). This includes the California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act of...more
Keypoint: The CPRA is relatively prescriptive in how organizations must receive and respond to consumer requests, while the CPA and VCDPA introduce an appeal process and other nuances that will require adjusting existing CCPA...more
On November 3, 2020, California voters approved Proposition 24, a ballot initiative which enacted the California Privacy Rights Act (“CPRA”). The CPRA amends the California Consumer Privacy Act (“CCPA”), the most sweeping...more
Interested parties have until November 8 to submit comments on proposed topics of CPRA rulemaking including new automated decisionmaking, risk assessments, new consumer rights, and sensitive personal information. On...more
Keypoint: The California Privacy Protection Agency initiates preliminary rulemaking activities under the California Privacy Rights Act. On Wednesday, September 22, 2021, the California Privacy Protection Agency (Agency)...more
Colorado became the third state to enact comprehensive data privacy legislation when Gov. Jared Polis signed the Colorado Privacy Act (CPA) on July 8, 2021. The CPA shares similarities with its stateside predecessors, the...more
Keypoint: Modifications to the CCPA regulation’s provisions regarding requests to opt-out and authorized agent requests are now final. On March 15, 2021, the California Attorney General’s office announced that the Office...more
On November 3, 2020, Californians approved another significant piece of privacy rights legislation, the California Privacy Rights Act, or the CPRA. The CPRA amends and expands the already (almost) infamous CCPA (California...more
The California Privacy Rights Act (CPRA) expands the definition of personal information as it currently exists in the California Consumer Privacy Act (CCPA). The CPRA adds “sensitive personal information” as a defined term,...more
The California Consumer Privacy Act (CCPA) created groundbreaking new rules for how businesses must handle California consumers’ personal data and spurred proposals for similar legislation across the country. ...more
On September 29, 2020, California Governor Newsom signed Assembly Bill 1281 ("AB 1281") into law, which is good news for employers and those who engage in business-tobusiness ("B2B") transactions that fall within the scope of...more