The California Attorney General recently approved modified regulations under the California Consumer Privacy Act (CCPA). One part of the modified regulations bans “dark patterns” on a website. What are dark patterns? Public comments to the proposed regulations describe dark patterns as deliberate attempts to subvert or impair a consumer’s choice to opt-out on a website.
Websites
Additional CCPA Regulations Approved
California Attorney General Xavier Becerra announced this week that the Office of Administrative Law approved additional California Consumer Privacy Act (CCPA) regulations, which became effective March 15, 2021.
The additional changes to the regulations primarily affect businesses that sell the personal information of California residents. The changes include a uniform Opt-Out Icon for the…
California Privacy Protection Agency Board Members Appointed
California Governor Gavin Newsom, along with Attorney General Xavier Becerra, Senate President pro Tempore Toni G. Atkins (D-San Diego), and Assembly Speaker Anthony Rendon (D-Lakewood), announced the appointment of the five-member inaugural board for the California Privacy Protection Agency (CPPA) this week.
The Board was established by the California Consumer Privacy Rights Act (CPRA) and…
Federal Court Finds the California Consumer Privacy Act (CCPA) Does Not Apply Retroactively, Dismissing Claims Against Walmart Stemming from an Alleged Data Breach
A federal District Court in California recently dismissed a lawsuit against Walmart that arose from an alleged data breach. (Gardiner v. Walmart, Inc., 20-cv-04618-JSW (N.D. Cal., March 5, 2021). Among other things, the court determined that California’s Consumer Privacy Act (CCPA) does not apply retroactively, dismissing the CCPA claim because the plaintiff had not…
Virginia Has a New Data Privacy Law
Virginia Governor Ralph Northam signed the Consumer Data Protection Act (CDPA) on Tuesday, March 2, 2021. Virginia now joins California as the second state to have a data privacy law. The law takes effect on January 1, 2023, so businesses have some time to get ready. In our previous article on the proposed legislation, we…
Consumer Reports Releases Model State Privacy Act – More States Introduce Consumer Privacy Legislation
This week, Consumer Reports published a Model State Privacy Act. The Consumer advocacy organization proposed model legislation “to ensure that companies are required to honor consumers’ privacy.” The model legislation is similar to the California Consumer Privacy Act, but seeks to protect consumer privacy rights “by default.” Some additional provisions of the model law…
Is Your Business Collecting COVID-19-Related Employee Data? If So, You May Need to Update Your CCPA Employee Notice
The California Consumer Privacy Act (CCPA) requires businesses covered by the CCPA to notify their employees of the categories of personal information the business collects about employees and the purposes for which the categories of personal information are used. The categories of personal information are broadly defined in the CCPA and include personal information such…
Sensitive Personal Information – What Is It and What Does It Mean for California Privacy Rights Act Compliance?
The California Privacy Rights Act (CPRA) expands the definition of personal information as it currently exists in the California Consumer Privacy Act (CCPA). The CPRA adds “sensitive personal information” as a defined term, which means:
(l) personal information that reveals:
(A) a consumer’s social security, driver’s license, state identification card, or passport number;
(B) a…
California’s Proposition 24 Passed – What Does It Mean for Your Business?
According to the Los Angeles Times and other media outlets, Californians passed Proposition 24, also known as the California Privacy Rights Act of 2020 (CPRA). With 71.61 percent of precincts reporting, the measure passed with 56.1 percent of the vote. We wrote about the CPRA last week, and we provided an overview of this new…
California’s Proposition 24 – CCPA 2.0 Meets the California GDPR
Proposition 24 is known as the California Privacy Rights Act of 2020 (CPRA). It is on the ballot in California on November 3, and if it passes it will amend and expand certain provisions of the California Consumer Privacy Act (CCPA). Some say it’s CCPA 2.0, however, there are some provisions that make the CPRA…