California Consumer Privacy Act

“Though it was hailed as a potentially groundbreaking bill, the New York Privacy Act (NYPA) failed to materialize during the state’s most recent session. Had it done so, the bill would have introduced a regulatory framework that rivaled or potentially even surpassed that of the California Consumer Privacy Act (CCPA), the first major piece of

How do you verify the identity of an individual requesting access to their data or that data be deleted?

The Dutch Data Protection Authority, Autoriteitpersoonsgegevens, offers guidance which can be helpful and instructive not only for GDPR but for CCPA as well:

  • If at all possible, refrain from asking for a copy of a formal

A New York Times review of 150 website privacy notices argues there is still work to be done to make privacy disclosures say what the law requires and be an effective tool for the user.

“The vast majority of…privacy policies exceed college reading level… That means a significant chunk of the data collection economy is

The Swedish Data Protection Authority has initiated an inquiry into how song streaming provider Spotify handles data access requests.

The questions posed in the inquiry can be useful to companies in structuring their procedures for responding to access requests under the General Data Protection Regulation and/or the California Consumer Privacy Act (especially re: profiling and

To sue or not to sue (for privacy violations), that is the question.

“Lawmakers negotiating a national privacy bill are clashing over whether to allow consumers to sue companies … over privacy violations — in what’s shaping up to be another potential roadblock to bipartisan legislation. Republicans and Democrats are split over whether to include

Some basics about how the California Consumer Privacy Act applies to selling children’s personal information:

  • Businesses subject to CCPA cannot sell the personal information of consumers who are 16 years old or younger without prior authorization.
  • If the minor is less than 13 years old, the businesses must obtain authorization from a parent or guardian.

First we take Sacramento, then we take Albany…

The New York Privacy Act, a privacy bill proposed by State Sen. Kevin Thomas, D-N.Y., bears similarities to the California Consumer Privacy Act.

Like the CCPA, it would allow people to find out what data companies are collecting on them, see who they’re sharing that data with,

What is sold in Vegas, can be opted-out-of in Vegas.

Nevada’s new privacy law will go into effect October 1, providing consumers with a right to opt out of the sale of their personal information.

Key provisions:

  • Applies to an “operator of an Internet website or online service which collects certain items of personally identifiable

CCPA is coming to a data broker near you?

If passed, AB 1202, one of the amendments making its way through the California legislature, will:

  • require data brokers to register with the California Attorney General and provide some information
  • impose penalties on the failure to register
  • specifically apply all CCPA obligations to data brokers, including