All CPRA articles
-
Premium
As final CPRA rules trickle out, a reminder companies must ‘grow with the law’
If companies haven’t started the process of coming into compliance with the California’s sweeping new privacy law, they need to begin now.
-
Opinion
Legacy of CCPA: A blueprint for prioritizing compliance
Three years in, the promise of the California Consumer Privacy Act as a means of handing down eye-watering penalties against companies for data protection violations remains unfulfilled. And yet, the expanding U.S. data privacy legislation landscape is better for this.
-
Premium
California ‘setting the tone’ for privacy push with CPRA updates
Changes to the California Consumer Privacy Act set to come over the course of 2023 strengthen the nation’s first comprehensive state privacy law to a benchmark no other states have yet to equal.
-
News Brief
CPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
News Brief
California AG launches CCPA violation sweep against mobile apps
The California attorney general announced his office notified an unspecified number of businesses with mobile apps they are failing to comply with the California Consumer Privacy Act.
-
Webcast
CPE Webcast: Why your CPRA compliance strategy is broken and how to fix it
It is critical for organizations to carefully assess their CPRA compliance programs to identify gaps, avoid pitfalls, and minimize risks. Even organizations that have implemented a CCPA compliance program will need to consider enhancements to meet CPRA requirements.
-
Article
Sephora fined $1.2M in first public CCPA enforcement
Cosmetics retailer Sephora agreed to pay $1.2 million in the first public enforcement action under California’s landmark consumer privacy law.
-
Article
California privacy board moves forward with draft CPRA regulations
The California Privacy Protection Agency unveiled draft rules for the soon-to-be enacted California Privacy Rights Act at its board meeting.
-
Article
Rulemaking on CPRA facing delay
The newly formed California Privacy Protection Agency appears behind schedule on rulemaking for the transition to the California Privacy Rights Act, putting the law’s July 2023 enforcement date in question.
-
Article
Strategies for complying with multiple data privacy regimes
Complying with multiple data privacy regimes is not simple, but it is increasingly becoming expected. A panel at CW’s virtual Cyber Risk & Data Privacy Summit offered their advice regarding the current global privacy landscape.
-
Article
California privacy agency names executive director
The nation’s first state data privacy agency has selected former FTC Chief Technologist Ashkan Soltani to serve as its executive director overseeing enforcement and rulemaking of the CCPA and, eventually, the CPRA.
-
Article
California AG: ‘Great progress’ under CCPA despite no fines
California Attorney General Rob Bonta commemorated one year of CCPA enforcement with praise for the law despite there not yet being a publicly announced fine against a business.
-
Article
Colorado third state to enact comprehensive privacy law
The Colorado Privacy Act largely mirrors its predecessors in California and Virginia but includes greater fines per violation of $20,000. The law is set to take effect July 1, 2023.
-
Article
Survey: Data access further complicated by emerging privacy laws
A recent survey of 100 executives from Fortune 500 companies found more than half are struggling to balance easy access to company data with privacy and security compliance under laws like the GDPR and CCPA.
-
Article
Board members named to California’s first-in-the-nation data privacy board
The California Privacy Protection Agency, tasked with enforcing the state’s groundbreaking data privacy laws, now has a five-member board of directors.
-
Article
More than a CCPA clone? Virginia passes nation’s second comprehensive privacy law
In what might be a sign of things to come for data privacy legislation nationwide, Virginia passed the country’s second comprehensive data privacy law. How does it stack up to its peer in California?
-
Article
Temper expectations on a U.S. federal privacy law in 2021
With the collapse of the EU-U.S. Privacy Shield comes an opportunity for the United States to address its data protection shortcomings. Just don’t expect a quick fix, as a litany of issues remain.
-
Article
California voters approve creation of new state agency to enforce CCPA
California voters approved a ballot measure that will add new layers of responsibility for businesses attempting to comply with the state’s first-in-the-nation data privacy law, the California Consumer Privacy Act.
-
Article
What CCPA-affected businesses need to know about California’s next privacy initiative
Businesses with operations in California should expect their data privacy compliance obligations to get a lot more complicated next year with the California Privacy Rights Act expected to pass in November.
-
Article
Jury’s out on Wells Fargo compliance moves; Twitter #fail for Irish DPC
While it’s not yet clear whether Wells Fargo’s compliance moves (including the loss of its CCO) will pay off, we’re much more certain about the Irish Data Protection Commission’s stance on a potential Twitter fine.