- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-03-02T14:00:00
Three years in, the promise of the California Consumer Privacy Act (CCPA) remains unfulfilled.
The law expected to rein in the questionable data protection practices of Silicon Valley tech giants has resulted in a fine against a company just once, when cosmetics retailer Sephora was penalized $1.2 million in August for failing to comply with customer data sale notification and opt-out request requirements. Not quite the bite people were expecting.
And yet, the expanding U.S. data privacy legislation landscape is better for this approach. When four additional states—Colorado, Connecticut, Utah, and Virginia—begin enforcing their respective privacy laws this year, they have a blueprint to follow for what these kind of bills should prioritize: compliance.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
Food delivery company DoorDash agreed to pay a $375,000 fine as part of a settlement announced by California Attorney General Rob Bonta addressing alleged violations of the California Consumer Privacy Act.
The Dubai International Financial Centre announced the California Consumer Privacy Act passes muster, allowing compliant California businesses to be the first permitted to transfer data with the DIFC without additional contractual measures.
Changes to the California Consumer Privacy Act expected to take effect July 1 have been stayed until March 2024 following a ruling from the Sacramento County Superior Court.
Top-of-mind issues addressed at Compliance Week’s Third-Party Risk Management & Oversight Summit, held June 3-4 in Atlanta, included safe deployment of artificial intelligence, assessing vendor viability and sustainability, understanding the role of procurement in risk ranking, the intersection (or lack thereof) between data privacy and cybersecurity, and many others.
Anne Morriss, co-author of “Move Fast and Fix Things,” advises compliance officers to tap into curiosity, communicativeness, and comfort with discomfort to build organizational trust, fast.
Regulators and government agencies often speak to the value of empowered corporate compliance programs to advancing their mission. Why not practice what they preach by empowering compliance among their own ranks?
