Skip to main content
Skip to navigation

Regulatory Policy

California privacy reg delay offers little more than short reprieve

By Adrianne Appel2023-07-13T16:29:00

California skyline

Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act (CPRA), but companies should not rest on their laurels, according to experts.

“This does not change their future obligations,” said Cobun Zweifel-Keegan, managing director at the International Association of Privacy Professionals, of the Sacramento County Superior Court’s June 30 decision. “The compliance target remains the same, even if the deadline shifts.”

The CPRA, which passed as a voter ballot measure in 2020 and amends the California Consumer Privacy Act (CCPA), gives California residents more control over their personal data collected by businesses.

THIS IS MEMBERS-ONLY CONTENT

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

Premium
Automated decision-making tech rules added to crowded CPPA agenda

2023-12-01T22:34:00Z By Adrianne Appel

The California Privacy Protection Agency drafted its rules to apply the rights allowed to residents under the California Consumer Privacy Act to automated decision-making technology used by businesses.
Premium
CPPA eyeing broad scope in early discussions around data risk assessments

2023-09-15T20:11:00Z By Adrianne Appel

Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
Premium
California cybersecurity audit rule scope begins taking shape at CPPA meeting

2023-09-12T12:41:00Z By Adrianne Appel

A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.

More from Regulatory Policy

News Brief
SEC’s Crypto Task Force hits the road with nationwide roundtables

2025-08-01T22:31:00Z By Oscar Gonzalez

The Securities and Exchange Commission is taking its pro-crypto messaging on the road, planning a series of events for its Crypto Task Force that will be held across the U.S. starting on Aug. 4.
Basic Page
DOJ warns against using proxies for DEI in federally funded programs

2025-08-01T20:07:00Z By Aly McDevitt

The DOJ is warning that simply scrubbing DEI-related words from policy documents or training materials—and replacing them with thinly veiled proxies—will not protect federally funded organizations from legal scrutiny.
Article
U.K. proposes streamlining regime meant to hold fin serve executives to account

2025-07-31T20:37:00Z By Neil Hodge

When growth slows, governments often cut rules to attract investment, as the U.K. has in its financial services sector, which contributes 8.8% of GDP, but easing the “compliance burden” raises concerns about oversight, governance, and prioritizing profits over safety.