The passage by the voters in November 2020 of the California Privacy Rights Act (CPRA) by initiative is a significant development for all businesses with activity in California. It expands upon the California Consumer Privacy Act (CCPA), creating additional rights for consumers and obligations for businesses. It also creates the first state agency in the state dedicated to privacy, the California Privacy Protection Agency (Agency).

Data Privacy Day is January 28, 2021 and is an international effort to empower people to protect their personal data and privacy, particularly online. According to Cybint, a global cyber security educator, 95 percent of cybersecurity breaches are caused by human error. The practices that help protect individuals’ security online will also help protect businesses, so on this day let’s review the most powerful and simple steps everyone can take to secure their own data and that of their customers who entrust them with it.

Among the most important features of the CCPA is that it vests most of the law’s enforcement with the California Attorney General’s Office. That means that private plaintiffs may not enforce most of the law’s provisions. This article looks at the tea leaves regarding the Attorney General’s enforcement to see what the future may hold.

As of November 6, 2020, it appears that California voters have approved Proposition 24, which will expand the reach and enforcement of the already groundbreaking California Consumer Privacy Act. With three-quarters of the anticipated votes counted, the measure is up by 1.5 million votes, a lead that is unlikely to be overtaken.

Data breaches continue to be among the biggest risks that businesses face today. This is due to both the prevalence of bad actors that seek to access and use consumer data for criminal purposes, as well as laws, such as the CCPA, that allow consumers to bring private actions against businesses for a data breach. One of the simplest steps a business can take to prevent a data breach is to limit access to sensitive data.

Governor Newsom signed two new laws at the end of the legislative session this year that modify the California Consumer Privacy Act (CCPA). Most crucially for the majority of businesses in California, one of the laws extends the temporary employee and business-to-business (“B2B”) exemptions from the definition of “Consumer” in the CCPA. The second changes how businesses must treat health privacy.

With the California Consumer Privacy Act in full force and effect, businesses in California and across the country are starting to wonder if the time to pass a national standard is now. However, with the 2020 election looming and little action from Washington, such a bill is unlikely to relieve California businesses in the near or even medium term future.

With required symptom checks and potential outbreaks among employees and customers, the Coronavirus has raised new questions regarding privacy for businesses across California.

Although the California Attorney General has only had the authority to enforce the California Consumer Privacy Act (CCPA) since July 1, 2020, it could be overhauled by a new privacy law that qualified for the 2020 November ballot in California.

Last month the California Attorney General announced that the Office of Administrative Law has approved the final California Consumer Privacy Act (CCPA) regulations. The final draft, submitted to OALL in late June of this year, is substantially the same as the final version, with minor tweaks that impact brick-and-mortar retailers. If your business has been waiting until final regulations to comply with the law, now is the time.