The California Privacy Protection Agency (CPPA) and Background Alert, Inc. (a California-based data broker) settled allegations that Background Alert failed to register and pay the annual fee required by the California Delete Act. This settlement is part of the CPPA’s investigative initiative announced back in October 2024.

The Delete Act requires data brokers to register

Last week, the California Privacy Protection Agency (CPPA) announced settlements with two data brokers, Growbots, Inc. and UpLead LLC, for failure to register and pay the fees required of a data broker under the California Delete Act.

Growbots is a software company that provides an outbound sales platform to help users find, engage with, and

Last week, the California Privacy Protection Agency (CPPA) announced it will conduct a public investigative sweep of data broker registration compliance under the California Delete Act.

Pursuant to the Act, a “data broker” is “a business that knowingly collects and sells to third parties the personal information of a [California] consumer with whom the business

On Wednesday, the Federal Communication Commission’s (FCC) Privacy and Data Protection Task Force announced a Memorandum of Understanding (MOU) with the California Privacy Protection Agency (CPPA) to establish a federal-state partnership focused on privacy, data protection, and cybersecurity enforcement matters. This partnership will allow the FCC and the CPPA to share resources and align efforts

Across Europe and other countries, there are numerous data protection authorities with differing goals and enforcement powers. Until 2020, when the California Privacy Rights Act (which amended the California Consumer Privacy Act) (collectively the CCPA) went into effect, did the U.S. government or any states have any similar data protection authorities like Europe; then came

The California Privacy Protection Agency (CPPA) recently issued an enforcement advisory encouraging covered businesses to focus on their data minimization obligations related to consumer requests under the California Consumer Privacy Act (CCPA). The advisory categorizes data minimization as a “foundational principle” of the CCPA and reflects the reasons why businesses will apply this principle for

The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month but did not come to a consensus on what the final regulations should look like.

The CPPA’s vote was expected to be procedural but

Last week, the California Privacy Protection Agency (CPPA) launched a new website dedicated to providing resources to California residents about their privacy rights under the California Consumer Privacy Act (CCPA). The purpose of this new website is to serve as a central resource for residents to understand their rights and the actions that they can

Last week, the California Privacy Protection Agency (CPPA) voted in favor of a legislative proposal that would require web browsers to include a feature that allows web users the ability to exercise their privacy rights under the California Consumer Privacy Act (CCPA) through opt-out preference signals.

Under the California Consumer Privacy Act (CCPA), businesses must

The California Privacy Protection Agency (CPPA) recently met to discuss automated decision-making technology, privacy risk assessments and cybersecurity audits under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). However, the CPPA also decided to step outside the anticipated agenda and discuss additional revisions to the existing regulations. Once