- Requiring
California Privacy Rights Act
Is Your Business Trapped? The Rise of “Trap and Trace” Litigation
Almost every business has a website; every website should have a privacy policy, terms of use, and, in some cases, a consumer privacy rights notice—if certain state consumer privacy rights laws apply to your business, such as the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively CCPA). What about a…
California AG Issues AI-Related Legal Guidelines for Developers and Healthcare Entities
The California Attorney General published two legal advisories this week:
- Legal Advisory on the Application of Existing California Laws to Artificial Intelligence
- Legal Advisory on the Application of Existing California Law to Artificial Intelligence in Healthcare
These advisories seek to remind businesses of consumer rights under the California Consumer Privacy Act, as amended by the…
CPPA’s Cooperation with International Data Protection Authorities
Across Europe and other countries, there are numerous data protection authorities with differing goals and enforcement powers. Until 2020, when the California Privacy Rights Act (which amended the California Consumer Privacy Act) (collectively the CCPA) went into effect, did the U.S. government or any states have any similar data protection authorities like Europe; then came…
California Privacy Protection Agency Announces Additional Enforcement Focuses
The regulatory enforcement agency for the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the CCPA), the California Privacy Protection Agency (CPPA) announced additional enforcement focuses this week, including an emphasis on dark patterns on businesses’ websites. Michael Macko, Deputy Director of the CPPA, said, “The number of investigations we…
California Trap & Trace Class Actions on the Rise in the Age of Website Trackers
Future LLC, a magazine and website publisher and owner of the TechRadar.com website, faces allegations that it collected website visitors’ IP addresses without consent in violation of the California Invasion of Privacy Act (CIPA). The class action complaint alleges that the TechRadar website launched three trackers -the TripleLift Tracker, GumGum Tracker, and Audiencerate Tracker –…
California Privacy Protection Agency’s Regulations on Automated Decision-Making Technology, Risk Assessments Delayed
The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month but did not come to a consensus on what the final regulations should look like.
The CPPA’s vote was expected to be procedural but…
CPPA Proposes More Revisions to CCPA
The California Privacy Protection Agency (CPPA) recently met to discuss automated decision-making technology, privacy risk assessments and cybersecurity audits under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). However, the CPPA also decided to step outside the anticipated agenda and discuss additional revisions to the existing regulations. Once…
State Consumer Privacy Laws in M&A Deals: What to Know
Data privacy and cybersecurity risks are critical components of M&A transactions due to the potential exposure for legal liability for non-compliance, as well as the financial and reputational harm and the material impact that lax or failed data privacy compliance and cybersecurity safeguards can have on an entity’s ability to conduct its operations.
Therefore, part…
Update on CPRA Regulations for Cybersecurity Audits and Risk Assessments from the CPPA
In August, the California Privacy Protection Agency (CPPA) released its initial draft regulations for cybersecurity audits and risk assessments under the California Privacy Rights Act (CPRA). While the CPPA has not yet commenced its formal rulemaking process for these regulations, once finalized, businesses will be required to perform annual cybersecurity audits and regularly submit risk…