It depends.
As discussed in Q 223, the CPRA ostensibly expanded the three substantive contractual restrictions identified in the CCPA by referring to nine additional provisions that should be included within a service provider agreement by January 1, 2023. Many of the new requirements, however, may be redundant of, or subsumed within, contractual provisions that
It depends.
As discussed in Q 223, the CPRA ostensibly expanded the three substantive contractual restrictions identified in the CCPA by referring to nine additional provisions that should be included within a service provider agreement by January 1, 2023. Many of the new requirements, however, may be redundant of, or subsumed within, contractual provisions that
On Nov. 17, 2020, the Canadian government introduced the Digital Charter Implementation Act, 2020 (DCIA, or Bill C-11), a much-anticipated bill aimed at overhauling the country’s comprehensive private sector data privacy legal regime. As introduced by Minister of Innovation, Science and Economic Development Navdeep Bains, the DCIA would establish a new privacy law
Yes.
Data minimization is not addressed by most privacy laws in the United States and was not mandated by the CCPA. Privacy laws in the United States that do touch upon data minimization generally do not require it; instead, they recommend it as a best practice or as a condition for achieving a safe harbor
Yes.
The CPRA created a new sub-category of personal information that it labels “sensitive personal information.” [1] The sub-category is comprised of twenty specific data fields which include, among other things, the religious beliefs, racial origin, precise geolocation, or sexual orientation of a consumer. Beginning on January 1, 2023, consumers will have the right to
The CPRA created a new sub-category of personal information that it labels “sensitive personal information.”[1] The sub-category is comprised of twenty specific data fields which include, among other things, the religious beliefs, racial origin, precise geolocation, or sexual orientation of a consumer. Beginning on January 1, 2023, consumers will have the right to instruct,
The CPRA created a new sub-category of personal information that it labels “sensitive personal information.”[1] The sub-category is comprised of twenty specific data fields which include, among other things, the religious beliefs, racial origin, precise geolocation, or sexual orientation of a consumer. Beginning on January 1, 2023, consumers will have the right to instruct
No.
The CPRA created a new sub-category of personal information that it labels “sensitive personal information.” [1] The sub-category is comprised of twenty specific data fields which include, among other things, the religious beliefs, racial origin, precise geolocation, and sexual orientation of a consumer. Beginning on January 1, 2023, consumers will have the right to
The CCPA did not explicitly label any data type as being more, or less, “sensitive” than another, although it did confer special data security-related rights on a subset of data types.
The CPRA created a new sub-category of personal information that it labels “sensitive personal information.” [1] The sub-category is comprised of twenty specific data
No.
The CCPA did not explicitly label any data type as being more, or less, “sensitive” than another, although it did confer special data security-related rights on a subset of data types (e.g., Social Security numbers, driver’s license numbers, medical information, etc.).
The CPRA created a new sub-category of personal information that it labels “sensitive