Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act (CPRA), but companies should not rest on their laurels, according to experts.
“This does not change their future obligations,” said Cobun Zweifel-Keegan, managing director at the International Association of Privacy Professionals, of the Sacramento County Superior Court’s June 30 decision. “The compliance target remains the same, even if the deadline shifts.”
The CPRA, which passed as a voter ballot measure in 2020 and amends the California Consumer Privacy Act (CCPA), gives California residents more control over their personal data collected by businesses.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Trial Membership
First week free, then $499 for an annual Membership
Cancel anytime within the trial period.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.
If multi-state businesses thought at the start of 2023 complying with a patchwork of U.S. state privacy laws was going to be a lot of work, now they must be overwhelmed. Experts assess the fast-evolving U.S. privacy landscape.
The Financial Crimes Enforcement Network announced a notice of proposed rulemaking to extend the deadline for companies created or registered in 2024 to file their initial beneficial ownership information reports.
The Securities and Exchange Commission adopted amendments to its rule covering fund names to ensure the regulation is appropriate to address new investment drivers, namely environmental, social, and governance matters.
The actions of companies like Amazon and new legislation passed in California prove it’s no longer a question of if companies will be required to disclose their greenhouse gas emissions—it’s a question of when, experts told attendees at CW’s virtual ESG Summit.
