The CCPA Meets the CPRA

The CCPA Meets the CPRA
December 16, 2020 dmock2015

The ink has barely dried on the California Consumer Privacy Act (“CCPA”) and its regulations, yet California Proposition 24 was approved by voters in the November election.  As a result, the CCPA will be amended and the California Privacy Rights Act (“CPRA”) will be enforced beginning January 2023 by the California Privacy Protection Agency, the state agency created by the CPRA. Similar to the CCPA, the CPRA will have a 12-month look-back period; thus businesses should strive to comply with the CPRA before January of 2022.  Of a more immediate concern, the employee and the business-to-business exceptions will be extended to January 1, 2023.  We expect more regulations to be issued in the lead up to the CPRA enforcement date.

Additionally, on December 10, 2020, the AG’s office released modifications to the previously withdrawn regulations.  The proposed regulations offer clarifications of the information collected offline (where the business “sells” personal information), the procedures to opt-out from the “sale” of personal information, and the “Do Not Sell” button.  The public comment period is open until December 28, 2020. The AG’s website dedicated to the CCPA provides more information.


Legal Disclaimer:

This material is provided for informational purposes only and does not constitute legal advice. The transmission of information on this blog is not intended to establish, and receipt of such information does not establish or constitute, an attorney-client relationship. You should not act or rely on any information contained on this blog without first seeking the advice of an attorney.
This blog is not intended to be advertising, and Delfino Madden O’Malley Coyle & Koewler LLP does not desire to represent anyone desiring representation based upon viewing this blog or any articles contained on this blog in a jurisdiction where this email fails to comply with all laws and ethical rules of that jurisdiction.