The California Privacy Rights Act of 2020 (the “CPRA” or “Proposition 24”) labels 20 data fields as constituting “sensitive personal information.” [1] If Proposition 24 is enacted businesses would be permitted to use sensitive personal information for one of the following purposes:[2]
- Performing services reasonably expected by the consumer.[3]
- Providing goods reasonably expected