CCPA

We are generating, processing and transferring more data RIGHT NOW than ever before … But Companies Are Seeking to Delay Enforcement of CCPA

By Jenny L. Colgate on March 24, 2020

There is no doubt that we are generating, processing, and transferring more data RIGHT NOW than we ever have before. It is almost certain that our data generation, processing and transmission is many, many times that today than it was this same time last week—not to mention last month—because of “work-around” efforts due to the…

Taking A Stand (And Facebook)

By Martin M. Zoltick on February 13, 2020

Posted in CCPA, European Union, GDPR, United States

The number of actions to enforce the European Union’s General Data Protection Regulation (GDPR) against a wide range of companies continues to rise. Germany, a country where privacy enjoys strong legal protection, is establishing itself as a favorite jurisdiction for enforcement of the GDPR. And, not surprisingly, Facebook is one of the companies in the…

Modified CCPA Guidance – Comments Due by February 25

By Jennifer B. Maisel on February 13, 2020

Posted in CCPA, Privacy

The California Attorney General recently released modified CCPA guidance. While the modified guidance offers additional examples for CCPA compliance and clarifies certain obligations, several open issues and ambiguities still remain. Below are highlights of the changes, and note that written comments are due by February 25, 2020.

Definitions: The modified guidance specify the…

What is “Reasonable” Security?

By Jennifer B. Maisel on February 6, 2020

Posted in CCPA, United States

“Reasonable” appears several times in the California Consumer Privacy Act (CCPA), and most notably in the section on the private right of action for a data breach resulting from “a business’s violation of the duty to implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect the personal…

And They’re Off… The First Data Breach Suit Citing CCPA Was Filed This Week

By Jenny L. Colgate on February 6, 2020

Posted in CCPA, United States

On February 3, 2020, Bernadette Barnes, a private resident of California (on behalf of herself and others similarly situated), brought the first data breach suit citing CCPA ever. The suit named Hanna Andersson (company specializing in high end children’s apparel) and Salesforce.com (cloud technology service as a software (“SaaS”) company) as defendants, and brought claims …

Be Proactive When it Comes to AI and Privacy Under the CCPA

By Jennifer B. Maisel on January 29, 2020

Posted in Artificial Intelligence, CCPA, European Union, United States

One notable difference between the California Consumer Privacy Act (CCPA) and Europe’s General Data Privacy Regulation (GDPR) is that only the latter provides the right for individuals to not be subjected to automated decision-making, including profiling, which has legal or other significant effects on that individual.

But, the CCPA still creates issues for covered entities…

CCPA’s Sidekick: California’s New IoT Security Law

By Martin M. Zoltick on January 27, 2020

Posted in CCPA, Internet of Things

The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. The CCPA is front page news, and rightfully so. While the major focus has been, and continues to be, on the CCPA, another piece of legislation went into effect on January 1, 2020, which deserves attention.

Bill SB-327 – “Information Privacy: Connected…

Privacy Zone