In a potentially significant development for companies subject to the California Consumer Privacy Act, as amended (CCPA), on Feb. 9, California’s Third District Court of Appeal overturned a Superior Court decision issued in June 2023 that had stayed the enforcement of new CCPA regulations finalized by the California Privacy Protection Agency (CPPA), first-in-the-nation privacy regulator
How do state privacy statutes differ in their definitions of ‘targeted advertising’?
Most modern U.S. data privacy statutes require companies to allow data subjects to opt out of having their personal information (PI) used for targeted advertising. As the following chart indicates, the term “targeted advertising” is defined consistently between and among most state statutes with the notable exception of the California Consumer Privacy Act (CCPA) and…
How do state statutes differ in terms of their ‘targeted advertising’ exemptions?
The term “targeted advertising” is defined relatively consistently between and among modern U.S. data privacy statutes with the notable exception of California which deviates somewhat in the California Privacy Rights Act’s (CPRA) definition of the similar term “cross-context behavioral advertising” by omitting any reference to tracking a person over time or making predictions about a…
Under modern US privacy laws, is an organization required to distribute its privacy notice to every individual whose information is used to train an AI?
Probably not.
Under the European GDPR, if the personal information that an organization is going to use as part of training an AI has been collected directly from individuals, then those individuals should be provided with a copy of the organization’s privacy notice “at the time when personal data are obtained.”[1] If the personal…
Enforcement of CCPA, As Amended, Now Begins; Revised Regulations To Be Enforced March 29, 2024
On June 30, 2023, the Superior Court for the County of Sacramento issued a minute order enjoining the California Privacy Protection Agency (CPPA or Agency) from enforcing updates to the existing CCPA regulations until March 29, 2024, twelve months after they were finalized. However, the Agency’s enforcement of the CCPA, as now amended by the California…
May 10-12 | Privacy + Security Forum 2023 Spring Academy
Greenberg Traurig is a sponsor of the Privacy + Security Forum 2023 Spring Academy May 10-12 in Washington, DC. The conference will break down the silos of privacy and security and bring together seasoned thought leaders, who will host virtual sessions and workshops designed to deliver practical takeaways for all conference participants.
Wednesday, May 10…
Updated CCPA Regulations Approved
Three months prior to the enforcement date of the California Consumer Privacy Act (CCPA), as amended, the California Office of Administrative Law approved the updated CCPA Regulations (final rulemaking documents will be posted here after processing). These updates take into account the CCPA’s expanded scope following its amendment by the California Privacy Rights…
CPRA’s effective date is around the corner… but how many businesses actually updated their privacy policies the first time for the CCPA?
In order to help businesses understand and benchmark industry practice, Greenberg Traurig attorneys analyzed the publicly available privacy policies of companies within the Fortune 500.[1] As of October 2022 – nearly two years after the CCPA took effect – 71% of companies had updated their privacy policies to account for the CCPA.[2] It…
Privacy Considerations for the End of 2022
Jan. 1 is approaching, and with it comes new requirements under the California Consumer Privacy Act (CPRA) and the Virginia Consumer Data Protection Act (VCDPA). What should you and your company be focusing on to ensure you are prepared for the looming compliance deadline? This Data Privacy Dish post offers end-of-year considerations for closing out…
California Privacy Rights Act Nudges State Closer to the GDPR
After Europe blazed the trail by passing the sweeping General Data Protection Regulation (“GDPR”) in 2016, California followed closely in the footsteps of European efforts by passing the most comprehensive data privacy law in the United States, the California Consumer Privacy Act (the “CCPA”). Effective January 1, 2020, the CCPA provided a number of obligations…