California ‘setting the tone’ for privacy push with CPRA updates
A bill to update California’s landmark data privacy law has only been in effect since Jan. 1, but it is already noteworthy among businesses for the robust protections it offers residents, a slew of new requirements for companies, and a certain amount of ambiguity.
The California Privacy Rights Act (CPRA), which passed as a ballot measure in 2020, expanded on the protections offered by the California Consumer Privacy Act (CCPA), the nation’s first comprehensive state data privacy law. The CPRA established the California Privacy Protection Agency (CPPA) to implement and enforce the law, a change from keeping CCPA oversight with the state attorney general.
Four other states—Colorado, Connecticut, Utah, and Virginia—have approved privacy laws taking effect this year, though none are considered as comprehensive as the California legislation.