Court delays enforcement of CCPA changes to March 2024
By 
Kyle Brasseur2023-07-05T14:03:00
Changes to the California Consumer Privacy Act (CCPA) expected to take effect July 1 have been stayed until March 2024 following a ruling from the Sacramento County Superior Court.
On Friday, the court determined the California Privacy Protection Agency (CPPA) did not adopt final regulations in a timely manner as required under the California Privacy Rights Act (CPRA). The CPRA called for changes to the CCPA to be adopted by July 1, 2022; the agency in March announced the final rules.
In disagreement with the CPPA, the court ruled the CPRA as approved by California voters called for a 12-month grace period between the agency’s adoption of final regulations and their enforcement.
Related articles
-
News BriefCCPA first state privacy law deemed adequate by Dubai financial hub
The Dubai International Financial Centre announced the California Consumer Privacy Act passes muster, allowing compliant California businesses to be the first permitted to transfer data with the DIFC without additional contractual measures.
-
PremiumCalifornia privacy reg delay offers little more than short reprieve
Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act, but companies should not rest on their laurels, according to experts.
-
News BriefIndiana privacy bill signed into law; effective 2026
Indiana became the latest in a growing number of U.S. states with a comprehensive consumer data privacy law on the books.
More from Regulatory Policy
-
News BriefFDIC eases leverage rules for banks, citing lower risk burdens
The U.S. Federal Deposit Insurance Corporation issued a final rule to change the leverage capital requirements for both large and community banks. The agency said the modification will ”reduce disincentives a banking organization may have to engage in lower-risk activities.”
-
ArticleU.K. Cyber Security and Resilience bill set to regulate critical infrastructure suppliers
Suppliers to the U.K. critical infrastructure will face new regulations to ensure they are protected from cyberattacks. The Cyber Security and Resilience Bill, introduced on November 12, also raises penalties for breaches and expands regulator powers to label certain suppliers as critical.
-
ArticleFCC rolls back Biden-era cybersecurity requirements for telecoms
Telecommunication companies are now on the honor system to protect their networks from cyber attacks, following a Federal Communications Commission (FCC) vote that removed requirements that they harden their networks.