On August 14, 2020, California Attorney General Xavier Becerra released final implementing regulations for the California Consumer Privacy Act (CCPA). The CCPA became enforceable on July 1, 2020, and Becerra’s office submitted a final proposed draft of the regulations to the California Office of Administrative Law (OAL) on June 1, 2020. The Proposed Regulations have
On January 1, 2020, California’s landmark privacy law, the California Consumer Privacy Act (CCPA), took effect. The CCPA imposes various obligations on covered businesses and provides extensive rights to consumers with respect to controlling the collection and use of their personal information. While some companies have largely completed their CCPA compliance efforts, many others are still digesting the CCPA and draft proposed regulations, and taking steps to meet the CCPA’s myriad compliance obligations.
Confusion persists about how businesses can comply with certain provisions of the CCPA. In October 2019, the California Attorney General issued proposed regulations that provide guidance on a number of key areas, but the regulations are not yet final. If adopted, violations of the proposed regulations will be treated the same as violations of the CCPA itself, with the same penalties. We have summarized the proposed regulations in previous alerts:
- Proposed CCPA Regulations from California Attorney General Just Issued: Part I – An Analysis of Required Consumer Notice
- Proposed CCPA Regulations from California Attorney General: Part II – An Analysis of Handling Consumer Requests under the CCPA
- Proposed CCPA Regulations from California Attorney General: Part III – An Analysis of the Requirement to Verify Consumer Requests and Parental Consents
- Proposed CCPA Regulations from California Attorney General: Part IV – Service Providers & Financial Incentives
Comments on the proposed regulations can be viewed here.
On April 13, a federal court ruled that theft of credit card information, even prior to misuse of that data, could permit a plaintiff to pursue claims based on a 2016 data breach at certain Kimpton hotel properties. In Walters v. Kimpton Hotel & Restaurant Group, the court denied in part Kimpton’s motion to…
California Governor Jerry Brown has signed into law Assembly Bill 1710, which includes new personal information protections that affect all businesses that “own, license, or maintain personal information about Californians.” In what may be a sign of things to come for other jurisdictions, the new law includes the nation’s first mandatory state requirement for breached…