For companies scrambling to button up their California Consumer Privacy Act (CCPA) compliance by the July 1 enforcement date, some news out of the state capital of Sacramento:
Per a memorandum issued June 24, 2020 by the California Secretary of State, the California Privacy Rights Act (CPRA), often dubbed “CCPA 2.0”, has collected a sufficient number of signatures to be included on the ballot in November 2020.
CPRA sets out to amend and fortify CCPA and contains many concepts that will bring the California law closer to the European Union’s General Data Protection Regulation. This includes purpose limitation, data minimization, retention limits, a concept of sensitive information and tighter buttoning down of the downstream service providers.