Today, the California Office of the Attorney General (OAG) released a second set of modifications to its proposed California Consumer Privacy Act (CCPA) Regulations.
The proposed regulations were first published and noticed for public comment on October 11, 2019. On February 10, 2020, the OAG released modifications to the proposed regulations based on the earlier
Despite being in effect since Jan. 1, 2020, the California Consumer Privacy Act (CCPA) continues to generate confusion for employers of California residents. Much attention has been given to the CCPA’s effect on a business’ obligations in collecting, using, and sharing California customers’ data. However, given the CCPA’s broad “consumer” definition includes “employees,” it also imposes duties on any in-scope business that manages California employees’ data. Notably, under the CCPA, “employees” include job applicants. The CCPA thus applies to both California customers and employees/job applicants of any “business,” which is defined as a for-profit organization doing business in California that controls how personal information is processed and: (i) has gross annual revenue exceeding $25 million; (ii) buys, receives, sells, or shares personal information of 50,000 or more California consumers, households, or devices; or (iii) derives 50% or more of its annual revenue from selling personal information of California residents. Civ. Code § 1798.140(c)(1). Importantly, for the CCPA to apply, businesses do not have to be physically in California. Thus, for example, a business that does not have any facilities in California, but employs remote workers in California, could be subject to the CCPA if it meets the CCPA’s “business” definition.
Continue Reading Employers: Stop, Drop, and Ensure CCPA Compliance as to Employees Residing in California
Today, the California Office of the Attorney General (OAG) released much-anticipated revisions to its proposed implementing regulations to the California Consumer Privacy Act (CCPA).
The following were issued by the OAG on its website:
Although the California Consumer Privacy Act (CCPA) has only been in effect for a matter of weeks – and its proposed regulations are not yet finalized – it could be overhauled by a new privacy law later this year. Last fall, the group that first formulated the CCPA as a ballot initiative in 2018, Californians
On January 8, 2020, the “Virginia Privacy Act” (HB 473), was introduced for consideration to the General Assembly of Virginia. The proposed legislation includes notice requirements similar to the California Consumer Privacy Act’s (CCPA), provides consumers with rights similar to those under the EU’s General Data Protection Regulation (GDPR), and unlike either
On Jan. 6, the California attorney general (AG) issued an advisory on the CCPA, advising CA consumers of their data privacy rights, how to exercise those rights, and of their private right of action for breaches. The advisory notes that consumers were able to begin exercising the rights on Jan. 1, 2020, and that
On Nov. 5, California Congresswomen Anna G. Eshoo and Zoe Lofgren introduced the Online Privacy Act of 2019, H.R. 4978, to balance the actual needs of businesses with users’ fair privacy rights and expectations. The proposed privacy bill seeks for the United States to adopt many of the requirements of the California Consumer Privacy Act (CCPA), which is effective Jan. 1, 2020, and that exist under the EU’s General Data Protection Regulation (GDPR). Below is a brief summary of the main components of the Act. A copy of the Online Privacy Act can be found here, and a section-by-section analysis by the Congresswomen can be viewed here.
Continue Reading California Congresswomen Propose New Federal Privacy Legislation – Online Privacy Act of 2019
On the heels of the California Attorney General’s release of the draft California Consumer Privacy Act (CCPA) Regulations, on Friday Gov. Newsom signed seven bills amending various provisions of the CCPA. The relevant amendments signed by the governor are described below. With less than three months before the CCPA becomes effective on January 1,
On Oct. 10, 2019, the California Attorney General’s Office issued the California Consumer Privacy Act Proposed Regulations. The proposed regulations focus on the following CCPA provisions:
Organizations will have until December 8 to submit comments on the
While businesses prepare to comply with the California Consumer Privacy Act (CCPA), Nevada has followed California’s lead and has amended its law to provide consumers with the right to opt-out of the “sale” of their personal information by website operators.
The amendment, SB 220, will take effect October 1, 2019, three months before the