All CCPA articles
-
PremiumCPPA eyeing broad scope in early discussions around data risk assessments
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
-
PremiumCalifornia cybersecurity audit rule scope begins taking shape at CPPA meeting
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.
-
PremiumFrom 5 to 11: Keeping up with new state data privacy laws
If multi-state businesses thought at the start of 2023 complying with a patchwork of U.S. state privacy laws was going to be a lot of work, now they must be overwhelmed. Experts assess the fast-evolving U.S. privacy landscape.
-
News BriefCCPA first state privacy law deemed adequate by Dubai financial hub
The Dubai International Financial Centre announced the California Consumer Privacy Act passes muster, allowing compliant California businesses to be the first permitted to transfer data with the DIFC without additional contractual measures.
-
News BriefCPPA sets sights on connected vehicles in first review
The California Privacy Protection Agency is probing the data privacy practices of connected vehicle manufacturers and their technologies as part of its first enforcement review.
-
News BriefLatest CCPA sweep targets employee, applicant info protections
The California Office of the Attorney General has turned its attention to the practices of large companies regarding the protection of the personal information of employees and job applicants as part of its latest investigative sweep under the California Consumer Privacy Act.
-
PremiumCalifornia privacy reg delay offers little more than short reprieve
Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act, but companies should not rest on their laurels, according to experts.
-
News BriefCourt delays enforcement of CCPA changes to March 2024
Changes to the California Consumer Privacy Act expected to take effect July 1 have been stayed until March 2024 following a ruling from the Sacramento County Superior Court.
-
WebcastCPE Webcast: Lessons learned from privacy enforcement actions and emerging trends
In 2023, more American organizations than ever need to comply with stricter and wider-reaching requirements for collecting and processing personal data.
-
PremiumAs final CPRA rules trickle out, a reminder companies must ‘grow with the law’
If companies haven’t started the process of coming into compliance with the California’s sweeping new privacy law, they need to begin now.
-
OpinionLegacy of CCPA: A blueprint for prioritizing compliance
Three years in, the promise of the California Consumer Privacy Act as a means of handing down eye-watering penalties against companies for data protection violations remains unfulfilled. And yet, the expanding U.S. data privacy legislation landscape is better for this.
-
PremiumCalifornia ‘setting the tone’ for privacy push with CPRA updates
Changes to the California Consumer Privacy Act set to come over the course of 2023 strengthen the nation’s first comprehensive state privacy law to a benchmark no other states have yet to equal.
-
PremiumBest practices for navigating changing U.S. data privacy landscape
With five new or amended state laws set to hit the books in 2023, companies would be wise to ensure their data privacy compliance house is in order—and start preparing for the next wave of legislation.
-
News BriefCPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
News BriefCalifornia AG launches CCPA violation sweep against mobile apps
The California attorney general announced his office notified an unspecified number of businesses with mobile apps they are failing to comply with the California Consumer Privacy Act.
-
WebcastCPE Webcast: Why your CPRA compliance strategy is broken and how to fix it
It is critical for organizations to carefully assess their CPRA compliance programs to identify gaps, avoid pitfalls, and minimize risks. Even organizations that have implemented a CCPA compliance program will need to consider enhancements to meet CPRA requirements.
-
ArticleSamsung facing class action alleging CCPA violations over data breaches
Samsung collected too much personal data from customers and failed to adequately secure it, leading to two data breaches this year and potentially millions of harmed individuals, a class-action lawsuit alleges.
-
ArticleSephora fined $1.2M in first public CCPA enforcement
Cosmetics retailer Sephora agreed to pay $1.2 million in the first public enforcement action under California’s landmark consumer privacy law.
-
ArticleCalifornia privacy board moves forward with draft CPRA regulations
The California Privacy Protection Agency unveiled draft rules for the soon-to-be enacted California Privacy Rights Act at its board meeting.
-
ArticleRulemaking on CPRA facing delay
The newly formed California Privacy Protection Agency appears behind schedule on rulemaking for the transition to the California Privacy Rights Act, putting the law’s July 2023 enforcement date in question.