The state of California has selected the inaugural board members of the new California Privacy Protection Agency approved by California voters during the November 2020 election. The new board members come from a variety of backgrounds, including private legal practice, academia, and nonprofits.

The California Attorney General adopted new regulations in March that may require changes to how businesses are communicating to consumers about their rights under the CCPA. These regulations are aimed at practices that the Attorney General’s office views as unfair to consumer and has pursued in enforcement letters to companies to date. Every company doing business in California that must comply with the CCPA should review its communication to customers about the CCPA.

The passage by the voters in November 2020 of the California Privacy Rights Act (CPRA) by initiative is a significant development for all businesses with activity in California. It expands upon the California Consumer Privacy Act (CCPA), creating additional rights for consumers and obligations for businesses. It also creates the first state agency in the state dedicated to privacy, the California Privacy Protection Agency (Agency).

Data Privacy Day is January 28, 2021 and is an international effort to empower people to protect their personal data and privacy, particularly online. According to Cybint, a global cyber security educator, 95 percent of cybersecurity breaches are caused by human error. The practices that help protect individuals’ security online will also help protect businesses, so on this day let’s review the most powerful and simple steps everyone can take to secure their own data and that of their customers who entrust them with it.

Among the most important features of the CCPA is that it vests most of the law’s enforcement with the California Attorney General’s Office. That means that private plaintiffs may not enforce most of the law’s provisions. This article looks at the tea leaves regarding the Attorney General’s enforcement to see what the future may hold.

As of November 6, 2020, it appears that California voters have approved Proposition 24, which will expand the reach and enforcement of the already groundbreaking California Consumer Privacy Act. With three-quarters of the anticipated votes counted, the measure is up by 1.5 million votes, a lead that is unlikely to be overtaken.

Data breaches continue to be among the biggest risks that businesses face today. This is due to both the prevalence of bad actors that seek to access and use consumer data for criminal purposes, as well as laws, such as the CCPA, that allow consumers to bring private actions against businesses for a data breach. One of the simplest steps a business can take to prevent a data breach is to limit access to sensitive data.

Governor Newsom signed two new laws at the end of the legislative session this year that modify the California Consumer Privacy Act (CCPA). Most crucially for the majority of businesses in California, one of the laws extends the temporary employee and business-to-business (“B2B”) exemptions from the definition of “Consumer” in the CCPA. The second changes how businesses must treat health privacy.

With the California Consumer Privacy Act in full force and effect, businesses in California and across the country are starting to wonder if the time to pass a national standard is now. However, with the 2020 election looming and little action from Washington, such a bill is unlikely to relieve California businesses in the near or even medium term future.

With required symptom checks and potential outbreaks among employees and customers, the Coronavirus has raised new questions regarding privacy for businesses across California.