California privacy reg delay offers little more than short reprieve
By 
Adrianne Appel2023-07-13T16:29:00
Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act (CPRA), but companies should not rest on their laurels, according to experts.
“This does not change their future obligations,” said Cobun Zweifel-Keegan, managing director at the International Association of Privacy Professionals, of the Sacramento County Superior Court’s June 30 decision. “The compliance target remains the same, even if the deadline shifts.”
The CPRA, which passed as a voter ballot measure in 2020 and amends the California Consumer Privacy Act (CCPA), gives California residents more control over their personal data collected by businesses.
Related articles
-
PremiumAutomated decision-making tech rules added to crowded CPPA agenda
The California Privacy Protection Agency drafted its rules to apply the rights allowed to residents under the California Consumer Privacy Act to automated decision-making technology used by businesses.
-
PremiumCPPA eyeing broad scope in early discussions around data risk assessments
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
-
PremiumCalifornia cybersecurity audit rule scope begins taking shape at CPPA meeting
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.
More from Regulatory Policy
-
ArticleFCC rolls back Biden-era cybersecurity requirements for telecoms
Telecommunication companies are now on the honor system to protect their networks from cyber attacks, following a Federal Communications Commission (FCC) vote that removed requirements that they harden their networks.
-
ArticleU.K. outlines AI sandbox plan as regulators weigh compliance risks
The U.K. has set out a new blueprint for AI regulation, which aims to slash bureaucracy and ramp up the safe adoption of new and emerging technology to unlock potential and boost investment.
-
ArticleCalifornia may create whistleblower program to root out privacy law violations
A California privacy agency plans to seek a whistleblower law, to encourage corporate employees and others to step forward with complaints about egregious privacy violations at their workplaces.