The Consumer Privacy Rights Act (“CPRA”) amended the California Consumer Privacy Act of 2018 (“CCPA”). The CPRA also created the California Privacy Protection Agency (“Agency”) to implement and enforce laws for the CCPA. As part of the Agency’s rulemaking authorities, the Agency published their first set of regulations which, among other things, update previous regulations to conform with the amendments to the CCPA through the CPRA.

On Friday, January 27, 2023, California Attorney General Rob Bonta announced an investigative sweep, sending letters to businesses with mobile apps that fail to comply with the California Consumer Privacy Act (CCPA).

Senator Earl Carter announced that he will be forming a bipartisan congressional caucus on vehicle data access. The caucus will be formed to address policy issues related to the access, use, and control of data generated by telematics programs and other vehicle monitoring systems. These programs use GPS and other systems to monitor drivers’ mileage and driving habits.

A new bill, Senate Bill (“SB”) 346, is before the Governor of California to further protect Californians’ privacy. California already passed laws to protect consumer data collected by businesses through the California Consumer Protection Act (“CCPA”). Now, SB 346 aims to protect consumers from collecting and sharing data from in-vehicle cameras.

Although portions of the California Consumer Privacy Act (“CCPA”) and regulations are not yet effective, California Attorney General’s (“AG”) office is not waiting to enforce. As it stands, the CCPA was modified by the California Privacy Rights Act (“CPRA”) and is not in full effect until January 2023. However, the majority of the CCPA is currently in effect and Sephora is the first one to feel it.

California voters passed Consumer Privacy Rights Act (“CPRA”) which amended the California Consumer Privacy Act of 2018 (“CCPA”) and created the California Privacy Protection Agency (“Agency”). The Agency enforces the CCPA and adopt regulations to further the purpose of the Act. As part of the process to adopt new regulations, the proposed regulations are made available to the public in order to allow a 45-day comment period.

Under the California Consumer Privacy Act (“CCPA”), businesses are required to respond to verifiable consumer requests. What should you be ready to disclose, and how should you respond to these requests?

The Federal Trade Commission (“FTC”) amended their Standards for Safeguarding Customer Information (16 CFR Part 314) (“Safeguard Rule”) that requires compliance by December 9, 2022. The Safeguard Rule was designed to protect the security of customer information and the recent amendments were for the purpose of keeping up with technology. Specifically, the latest version of the Safeguard Rule requires financial institutions (which includes motor vehicle dealers) to develop, implement, and maintain an information security program with administrative, technical, and physical safeguards designed to protect customer information. The FTC published detailed guidelines to maintain compliance with the Safeguard Rule.

The California Consumer Privacy Act (“CCPA”) provides consumers with a variety of rights regarding the collection, selling, and sharing of their personal information. Some of the latest amendments to the CCPA expand mandatory disclosures when businesses share consumer information with other businesses (which can include vendors and contractors). However, it is important to know how to classify third-party businesses for purposes of maintaining compliance with the CCPA.

Human Resource and Compliance departments are scrambling to prepare for changes in California’s consumer protection laws. The California Privacy Rights Act (“CPRA”) goes into full effect on January 1, 2023 which makes a variety of changes to the California Consumer Privacy Act (“CCPA”) that was passed in 2018. Amongst many of the changes, CPRA provides consumers the right to know, modify and delete their information that a business collects. Many of these changes are applicable to information that human resource departments maintain.