California Consumer Privacy Act

Since the California Privacy Protection Agency (CPPA) released its draft regulations pursuant to the California Privacy Rights Act (CPRA), the biggest gripe from businesses has been the website tracking opt-out requirements. Recognition of opt-out requests from consumers could potentially cost companies some significant dollars.

The CPRA amends the California Consumer Privacy Act of 2020 and

California law will soon require businesses to treat their employees and business partners as consumers under the California Consumer Privacy Act (CCPA). The CCPA and its successor legislation, the California Privacy Rights Act (CPRA), grant California consumers dignitary rights over their personal information collected and processed by commercial entities that do business in California. The

California is the gold standard for state privacy laws, having recently enacted the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia and Colorado also have enacted comprehensive privacy laws, which will take effect in 2023. Recently, the International Association of Privacy Professionals (IAPP) released its state privacy legislation tracker.

California Attorney General Rob Bonta is serious about compliance with the California Consumer Privacy Act (CCPA). So serious, that on January 28, 2022, also known as Data Privacy Day, he announced that his office was commencing an investigative “sweep” of “businesses operating loyalty programs in California” and sent notices of noncompliance to businesses requiring them

This is the time of year for thought pieces reflecting on the past year or so to speculate on the hot topics for next year. I began to wonder about California Consumer Privacy Act (CCPA) enforcement actions over the past year as this was something that we speculated about not that long ago. The California

With the signature of Governor Jared Polis last week on the Colorado Privacy Act, Colorado became the third state (following California and Virginia) to adopt a comprehensive consumer privacy law.

We will provide you with a more comprehensive summary of the new Virginia and Colorado laws in the coming weeks, but for now, the highlights

This week, Volkswagen AG’s U.S. entity and its Audi brand were hit with a class action for a data breach that allegedly compromised 3.3 million consumers’ personal information. In the U.S. District Court for the District of New Jersey, a California consumer filed a suit against the automakers on behalf of other current and prospective

Ever since the enactment of the Illinois Biometric Information Privacy Act (BIPA), we have been watching the development of laws around the collection, use, disclosure and retention of biometric information. In general, BIPA and other biometric information privacy laws enacted since BIPA, require any company that is collecting biometric information, such as fingerprints, voice recognition,