The far-reaching Consumer Privacy Act of 2018 (CCPA) will require many companies doing business in California to implement new policies and procedures no later than July 1, 2020. The CCPA can be enforced by the California Attorney General or by private plaintiffs with the possibility of statutory penalties for noncompliance.
California has passed a comprehensive consumer privacy law—similar in some respects to the European Union’s General Data Protection Regulation (GDPR). The CCPA was unanimously approved by the California Senate and Assembly on June 27 and signed into law by Governor Jerry Brown the same day. The enforcement date for the CCPA is now six months after the Attorney General’s Office issues regulations, so organizations subject to the CCPA must be in compliance no later than July 1, 2020.
The CCPA creates an array of new consumer privacy rights that will require many companies doing business in California to reassess their collection and use of personal information and modify their business processes to accommodate the new rights. It allows California consumers to make requests of businesses to disclose what personal information the business has shared and also to delete or no longer share that information.
Morgan Lewis is prepared to guide companies and institutions of all sizes through the challenges they face in this new regulatory environment, and we will be closely following each new development as the CCPA is amended and regulations and guidance documents are issued. We assist clients in virtually all the major industries around the globe in understanding how these important changes will affect their businesses and how to navigate the changing data privacy landscape. Because we work with companies that are subject to GDPR and companies that are not, we can tailor a solution that fits either mold.
To help businesses prepare for the CCPA we created a CCPA checklist. The checklist covers the following points in detail to help you determine whether the CCPA applies to your business, and includes actionable steps your business can take to ensure compliance and many other useful tips:
On the first anniversary of the European Union’s General Data Protection Regulation (GDPR), the United States is seeing a wave of state legislatures similarly considering laws to regulate the use of personal data. This installment of The eData Guide to GDPR recaps the current legislative activity across the United States.
This article examines recent developments regarding the CCPA, and looks at some issues that will likely be a focus in the coming months now that the California Legislature is back in session.
By January 2020, manufacturers of Internet-enabled (IoT) devices that are sold or offered for sale in California (connected devices) must comply with the new legislation. For cyber security regulations in California. This includes the requirement to equip their devices with adequate security features to protect the device and the information contained therein.
Morgan Lewis partner Daniel Yong has written an article in Thomson Reuters about the Variable Capital Companies Bill passed in Singapore. The Bill represents a new corporate entity that, it is hoped, will enhance Singapore’s attractiveness as a hub for investment funds.
As detailed in a prior blog post, California’s new privacy law, commonly referred to as the CCPA seeks to impose tougher privacy requirements on companies that collect and use consumer data.
The article analyzes the CCPA, which has been described as a landmark privacy bill that aims to give California consumers increased transparency and control over how companies use and share their personal information by January 2020. Companies with business in California should start with their compliance work as soon as possible.
At a time when many companies have only recently completed their efforts to comply with the European Union’s General Data Protection Regulation (“GDPR”), California has upped the ante by passing a comprehensive consumer privacy law that many are characterizing as “GDPR-like.”
In order to cause the withdrawal of a privacy measure slated to appear on the November ballot, the California Senate and Assembly approved the California Consumer Privacy Act (CCPA) on June 27, and it was signed into law by Governor Jerry Brown the same day. The CCPA, as enacted, modified some of the provisions in the ballot measure that were considered most onerous by business interests. But, like the ballot measure, the CCPA creates an array of new consumer privacy rights—similar in some respects to the European Union’s General Data Protection Regulation (GDPR)—that will cause many companies doing business in California to reassess their collection and use of personal information and modify their business processes to accommodate the new rights. Organizations subject to the CCPA must comply by January 1, 2020.
The California Consumer Privacy Act will appear on the November ballot in California. It establishes new, groundbreaking consumer privacy rights similar to some of the new privacy (GDPR) rules in Europe. Among other things, it empowers consumers to find out what information businesses are collecting about them and gives them the choice to tell businesses to stop selling their personal information.
The California Consumer Privacy Act, which could be on the ballot in November, aims to introduce a groundbreaking approach to consumer privacy that not only is likely to resonate with the state’s voters, but is also expected to have national implications – thanks to California’s reputation as a trendsetter in consumer privacy. If passed, the act will come with significant compliance challenges and costs that companies should prepare for ahead of time.
The article summarizes the impact of The US COULD Act on businesses in Germany, in particular new risks for storing personal data in the Cloud. Some of the provisions in the US CLOUD Act my collide with the provisions of the General Data Protection Regulation (GDPR) for international data transfers.
We will discuss compliance with the new California law and what might be on the horizon in California and other states.
California has long been a laboratory for innovative privacy legislation, and there were many new experiments in 2018 and 2019.
When the California Consumer Privacy Act was signed into law on June 28, it was recognized as a landmark privacy measure – and as a work in progress. Now the California Legislature has passed the first set of amendments to the CCPA, but many more issues remain to be debated and clarified.
On June 27, California enacted the nation’s most comprehensive consumer privacy law, the California Consumer Privacy Act of 2018 (CCPA). This webinar will provide an overview of the landmark privacy measure.
Bloomberg Law Quoted: Reece Hirsch
Law360 Quoted: Reece Hirsch
Bloomberg Law Quoted: Reece Hirsch