Does your state have its own version of the TCPA? Yes. California has what is known as the California Consumer Privacy Act of 2018, which is located in sections 1798.100 to 1798.199.100 of the California Civil Code. The...more
In October, California enacted its newest privacy legislation, commonly referred to as the “Delete Act” (California Senate Bill No. 362). The Delete Act will allow consumers to request that any data broker that maintains any...more
In a key move to further expand consumer data rights, California Gov. Gavin Newson signed The Delete Act (S.B. 362) (the Act) into law on October 10, 2023. The Act amends California’s data broker registration law (Cal. Civ....more
California Governor Newsom recently signed SB 362, known as the Delete Act, which creates a one-time mechanism for consumers to request that data brokers delete all personal data associated with the consumer. ...more
The state of California is on the verge of amending its current data broker law with Senate Bill 362, also known as the Delete Act (“the Act”). The Act passed in the Assembly’s Committee on Privacy and Consumer Protection and...more
The Indiana Legislature is poised to pass Senate Bill 5, a comprehensive privacy statute (the “Act”), and send it on to the Governor. Once signed, the Act will become operative on January 1, 2026, and make Indiana the seventh...more
On January 1, 2023, the California Privacy Rights Act (CPRA) went into full force and effect, heralding a new era of statewide personal information (PI) regulation. The CPRA provides even more protection for California...more
A new Washington State bill works to close the gap between consumer knowledge and industry practice by providing stronger privacy protections for all Washington consumers’ health data....more
The California Privacy Rights Act will go into full effect on January 1. The CPRA is commonly referred to as a “new” act, but is actually an add-on/modification to the California Consumer Privacy Act of 2018, which has been...more
The so-called “HR exemption” taking employee and applicant personal information out of the control of the California Consumer Privacy Act (CCPA) is about to come to an end. Employers who are “businesses” for purposes of the...more
Following the passage of the California Privacy Rights Act (CPRA), for the past two years, employers have been partially exempt from many of the California Consumer Privacy Act's (CCPA) mandates pertaining to applicants,...more
Keypoint: The CPA draft rules are a complex and lengthy set of regulations that, if adopted without substantial modification, will significantly expand the CPA’s requirements and require controllers to carefully consider...more
If you’ve relied on the temporary “exemption” for employee/applicant and business-to-business (B2B) personal information under the California Consumer Privacy Act (CCPA), those exemptions will expire on January 1, 2023. The...more
The California Consumer Privacy Act (CCPA) exemptions for employee and business-to-business Personal Information (PI) likely will not be extended. Aug. 31, 2022 was the last day for each house to pass bills, per the...more
Last week, the California Legislature failed to reach agreement on an extension to the employee exemption which applies to the California Consumer Privacy Act (CCPA) which currently exempts employees and employee data from...more
For the past few years, California’s comprehensive privacy law known as the California Consumer Privacy Act (“CCPA”) included an important partial exemption for employees, applicants, and independent contractors...more
Keypoint: The California Privacy Protection Agency issued a first set of draft regulations that contain a number of notable provisions but do not address all of the CPRA’s rulemaking topics....more
Most privacy laws derive from the same core foundational principles, namely the Fair Information Practice Principles (FIPPs). This includes the California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act of...more
Keypoint: The CPRA is relatively prescriptive in how organizations must receive and respond to consumer requests, while the CPA and VCDPA introduce an appeal process and other nuances that will require adjusting existing CCPA...more
On November 3, 2020, California voters approved Proposition 24, a ballot initiative which enacted the California Privacy Rights Act (“CPRA”). The CPRA amends the California Consumer Privacy Act (“CCPA”), the most sweeping...more
Interested parties have until November 8 to submit comments on proposed topics of CPRA rulemaking including new automated decisionmaking, risk assessments, new consumer rights, and sensitive personal information. On...more
Keypoint: The California Privacy Protection Agency initiates preliminary rulemaking activities under the California Privacy Rights Act. On Wednesday, September 22, 2021, the California Privacy Protection Agency (Agency)...more
This is the first in a series of articles about the implications of the California Privacy Rights Act for employers. - The California Privacy Rights Act (“CPRA”) expands employers’ obligations with respect to the privacy...more
Colorado became the third state to enact comprehensive data privacy legislation when Gov. Jared Polis signed the Colorado Privacy Act (CPA) on July 8, 2021. The CPA shares similarities with its stateside predecessors, the...more
Keypoint: As introduced, the Ohio Personal Privacy Act would provide Ohio residents with some rights regarding their personal data, but it is not as extensive as the CPRA, CPA, and VCDPA...more