As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t any yet. The California Privacy Rights Agency (CPPA), the newly-created body with administrative authority over the CPRA’s implementation, has yet to release its finalized regulations. The CPRA takes effect on January 1, 2023, and covered

California law will soon require businesses to treat their employees and business partners as consumers under the California Consumer Privacy Act (CCPA). The CCPA and its successor legislation, the California Privacy Rights Act (CPRA), grant California consumers dignitary rights over their personal information collected and processed by commercial entities that do business in California. The

President Biden recently signed an executive order establishing the implementation of the new EU-U.S. Data Privacy Framework, which would provide for the possibility of the lawful transfer of personal data from the European Union (EU) to the United States (U.S.), while ensuring a strong set of data protection requirements and safeguards.[1]  Once approved

When the U.K. withdrew from the European Union (EU), its General Data Protection Regulation (GDPR) status was one of many headaches for regulators to figure out. After drawn-out negotiations over points such as requiring opt-in or opt-out models, lawmakers had settled mainly on a GDPR-like solution called the Data Protection and Digital Information Bill.

The

In delving deeply into the California Consumer Privacy Act (CCPA), the Amendments recently signed by the California Governor, and the proposed Regulations issued by the California Attorney General, we thought it would be helpful to point out some details that are important to consider for compliance which are not obvious in the CCPA discussions we