Two bills dealing with processing COVID-19 data in California were referred to the Senate Appropriations Committee.

Assembly Bill 660 prohibits data collected, received or prepared for purposes of contact tracing from being used or disclosed for any purpose other than facilitating contact tracing efforts. It also requires the data collected to be deleted within 60

“Though it’s hard to predict what will happen with regard to a federal privacy bill in 2020, the reality is that the CCPA is here and other states will surely follow,” writes Jedidiah Bracy of the International Association of Privacy Professionals.

“In addition to driving policy talks in the nation’s capital, the CCPA may also

California Attorney General Xavier Becerra released the title and summary for the CCPA 2.0 ballot initiative, the California Privacy Rights Act.

Key provisions:
  • Right to amend inaccurate information
  • Right to restrict the use of “Sensitive Personal Information” which includes finances, race, biometric information or information revealing health status or precise location.
  • Data minimization (collect only

The CCPA regs, they are not-a-changing.

California Attorney General Xavier Becerra doesn’t plan to make major changes to rules he proposed in October to enforce California’s new privacy law before issuing a final set of regulations.

“’That initial public disclosure of our proposed regs gives everyone a sense of where we think we should go,’

Alastair Mactaggart, the proponent of the “CCPA 2.0” ballot initiative in California, has submitted to the Office of the Attorney General a revised version of the proposed “California Privacy Rights Act” (CPRA) that he hopes to place before voters on the November 2020 general election ballot.

Read my detailed analysis.

California’s Internet of Things (IoT) law, which goes into effect on January 1, will regulate organizations that manufacture (or contract with another company to manufacture) certain types of connected devices that are sold or offered for sale in California.

The law will require IoT device manufacturers to equip each connected device “with a reasonable security

“Manufacturers of smart microwaves, light bulbs, and other connected devices will face new security requirements in California and Oregon next year,”  Reports Sara Merken for Bloomberg Law.

“The two states are the first ones to specifically regulate the security of internet of things devices, with laws taking effect Jan. 1. Other states are likely to

California has amended its data breach notification law to include biometric and other identifiers.

The bill (AB 1130), signed by Gov. Gavin Newsom on October 11, revises the definition of personal information for purposes of data breach notification requirements to add specified unique biometric data and tax identification numbers, passport numbers, military identification numbers, and

Passports and biometric data would be included in the types of personal information covered by California’s data breach notification law, under a bill that passed the state Senate and is headed to Gov. Gavin Newsom.

A.B. 1130 by Assemblyman Marc Levine (D) would also add taxpayer and military identification numbers, and other unique government identification