Skip to main content
Skip to navigation

Legacy of CCPA: A blueprint for prioritizing compliance

By Kyle Brasseur2023-03-02T14:00:00

Brasseur_opinion

Three years in, the promise of the California Consumer Privacy Act (CCPA) remains unfulfilled.

The law expected to rein in the questionable data protection practices of Silicon Valley tech giants has resulted in a fine against a company just once, when cosmetics retailer Sephora was penalized $1.2 million in August for failing to comply with customer data sale notification and opt-out request requirements. Not quite the bite people were expecting.

And yet, the expanding U.S. data privacy legislation landscape is better for this approach. When four additional states—Colorado, Connecticut, Utah, and Virginia—begin enforcing their respective privacy laws this year, they have a blueprint to follow for what these kind of bills should prioritize: compliance.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

News Brief
DoorDash fined $375K in second public CCPA enforcement

2024-02-22T12:54:00Z By Kyle Brasseur

Food delivery company DoorDash agreed to pay a $375,000 fine as part of a settlement announced by California Attorney General Rob Bonta addressing alleged violations of the California Consumer Privacy Act.
News Brief
CCPA first state privacy law deemed adequate by Dubai financial hub

2023-08-10T16:52:00Z By Jeff Dale

The Dubai International Financial Centre announced the California Consumer Privacy Act passes muster, allowing compliant California businesses to be the first permitted to transfer data with the DIFC without additional contractual measures.
News Brief
Court delays enforcement of CCPA changes to March 2024

2023-07-05T14:03:00Z By Kyle Brasseur

Changes to the California Consumer Privacy Act expected to take effect July 1 have been stayed until March 2024 following a ruling from the Sacramento County Superior Court.

More from Opinion

Opinion
From enforcer to coach: Engineering compliance that happens at speed

2026-03-13T15:48:00Z By Tegan Gebert, Chris Audet and Doug Eckstein, CW guest columnists

New Gartner research reveals why traditional risk management is failing to keep pace with modern risks, and outlines how compliance leaders must enable organizational risk owners to build an instinctive Risk Reflex.
Opinion
Leveraging COSO to mitigate AI risk: A step-by-step guide

2026-03-12T20:37:00Z By Jonny Frank and Michael Costa, CW guest columnists

AI elevates compliance, or exposes it. The technology presents compliance leaders and lawyers with an extraordinary opportunity to elevate their roles, as well as an equally extraordinary risk of accountability when AI fails, misleads, discriminates, hallucinates, or generates unreliable outputs.
Opinion
An appreciation of CW’s data and research journalist, Aly McDevitt

2026-03-06T20:26:00Z By Tom Fox

One of the best things about writing for Compliance Week is reading the fabulous work by my colleagues. For me, CW data and research journalist Aly McDevitt has always stood out as someone whose work in reporting on and writing the Compliance Week case studies is work I have greatly ...