On January 1, 2020, California’s landmark privacy law, the California Consumer Privacy Act (CCPA), took effect. The CCPA imposes various obligations on covered businesses and provides extensive rights to consumers with respect to controlling the collection and use of their personal information. While some companies have largely completed their CCPA compliance efforts, many others are still digesting the CCPA and draft proposed regulations, and taking steps to meet the CCPA’s myriad compliance obligations.
Confusion persists about how businesses can comply with certain provisions of the CCPA. In October 2019, the California Attorney General issued proposed regulations that provide guidance on a number of key areas, but the regulations are not yet final. If adopted, violations of the proposed regulations will be treated the same as violations of the CCPA itself, with the same penalties. We have summarized the proposed regulations in previous alerts:
- Proposed CCPA Regulations from California Attorney General Just Issued: Part I – An Analysis of Required Consumer Notice
- Proposed CCPA Regulations from California Attorney General: Part II – An Analysis of Handling Consumer Requests under the CCPA
- Proposed CCPA Regulations from California Attorney General: Part III – An Analysis of the Requirement to Verify Consumer Requests and Parental Consents
- Proposed CCPA Regulations from California Attorney General: Part IV – Service Providers & Financial Incentives
Comments on the proposed regulations can be viewed here.