1. What’s changing?

Under the current version of the California Consumer Privacy Act (“CCPA”), an employer’s obligations related to the personal information it collects from employees, applicants, and contractors residing in California (collectively, “Employment Information”) are relatively limited.  Specifically, it needs to (1) provide those individuals a “notice at collection” that discloses the categories of

On June 8, 2022, the California Privacy Protection Agency (CPPA) Board, will meet to discuss and take potential action regarding a draft of its proposed regulations. The June 8th public meeting includes an agenda item where the CPPA Board will consider “possible action regarding proposed regulations … including possible notice of proposed action.”

The passage of Prop 24, the California Privacy Rights Act of 2020 (“CPRA”), has caused a bit of confusion among businesses in California.  The confusion stems from the fact that the CPRA has an effective date of January 1, 2023, amending the existing California Consumer Privacy Act (CCPA) when it takes effect, but also immediately

The California Privacy Protection Act (CPRA) amended the California Consumer Privacy Act (CCPA) and has an operative date of January 1, 2023. The CPRA introduces new compliance obligations including a requirement that businesses conduct risk assessments. While many U.S. companies currently conduct risk assessments for compliance with state “reasonable safeguards” statutes (e.g., FloridaTexas

Here we go again! On March 15th, 2021, the California Department of Justice (“Department”) announced approval of modifications to the California Consumer Privacy Act’s (CCPA) regulations, originally introduced in December of 2020.  The new regulations mainly modify provisions related to a consumer’s right to opt out of sale of their personal information, with

The CCPA has reached the one-year mark. This is a good time for businesses to review the success of their compliance programs and recalibrate for the CCPA’s second year. Here are a few suggestions to kick off that review:

  1. Privacy Policies. The CCPA requires a business to update the information in its privacy policy

The California Consumer Privacy Act (“CCPA”) has only been in effect since January, but amendments are already on the horizon. Personal information in the employment context was highly contested during the CCPA’s amendment process prior to enactment and has continued to be a point of deliberation even after the CCPA’s effective date.

Read the full

As we recently reported, the privacy-right activist group that sponsored the California Consumer Privacy Act (“CCPA”) – Californians for Consumer Privacy – is pushing for an even more stringent privacy bill, the California Privacy Rights Act (“CPRA”). The CRPA has now qualified for the November 3, 2020 ballot, gathering more than 600,000 valid signatures as