On June 1, The California Attorney General submitted the final text of the CCPA regulations to the California Office of Administrative Law for approval. Though regulations submitted to the OAL in June ordinarily would not become effective—if approved—until October 1, the CA AG has requested an expedited review. According to the CA AG, the expedited review would allow the regulations to become effective by July 1, which still is the date his office plans to begin enforcing the CCPA according to a public statement.
Tag Archives: CCPA
California Privacy Compliance Obligations May Soon Change Under CPRA Ballot Initiative
The California Privacy Rights Act is progressing through California’s elections process for inclusion on the November 2020 ballot. Businesses may want to begin considering how their data privacy obligations in California may change if voters enact CPRA. The CPRA would significantly amend the CCPA. Included in this blog post is a summary of key additions and modifications to the CCPA’s existing obligations.
CCPA Regulations Still Not Final as Enforcement Deadline Approaches; CPRA Appears to Move Forward
Businesses spent the latter months of 2019 working hard to prepare for the January 1, 2020 implementation of the California Consumer Privacy Act. Months later, those businesses still are uncertain of their full range of potential compliance obligations because the California Attorney General’s CCPA implementing regulations are still not final. As businesses refine their CCPA compliance programs, they should also be aware that privacy rules in California could again change before the end of this year if the California Privacy Rights Act ballot initiative is approved by voters. Both the regulations and the CPRA are subject to complicated administrative processes that could affect their adoption and implementation, as described in this post.
Now Available — AdTech and Privacy: Managing Risk in a Complex and Evolving Digital Economy (Webinar Materials)
On Wednesday April 15, Hogan Lovells and Ankura hosted a webinar about the impact of the GDPR and CCPA on cookies and similar AdTech tracking technologies. James Denvil from Hogan Lovells’ Privacy and Cybersecurity practice was joined by senior directors from Ankura to share best practices and perspectives. The webinar recording and slides are now available on our blog.
Webinar Invitation — AdTech and Privacy: Managing Risk in a Complex and Evolving Digital Economy
Join Hogan Lovells and Ankura on April 15, to learn about the impact of the GDPR and CCPA on cookies and similar AdTech tracking technologies. James Denvil from Hogan Lovells’ Privacy and Cybersecurity practice by senior directors from Ankura to share best practices and their perspectives.
Second Modified CCPA Draft Regulations Released—Comments Due March 27
On March 11, The California Attorney General released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act. These modifications update the initial draft regulations published on October 11, 2019 as well as the first set of modified draft regulations published on February 10, 2020. The second set of modifications contain a small number of impactful changes, which we summarize in this post.
Now Available: CCPA Modified Draft Regulations Update (Webinar Materials)
On February 20, the Hogan Lovells Privacy and Cybersecurity team addressed key changes in the California Attorney General’s modified draft CCPA regulations. The webinar recording and slides are now available on our blog.
Webinar Invitation — CCPA Modified Draft Regulations Update (Key Changes)
Please join us on Thursday, February 20 for a webinar discussion with Hogan Lovells Privacy and Cybersecurity partners to address key changes in the California Attorney General’s modified draft CCPA regulations.
Webinar Invitation — From Regulation to Litigation: CCPA Litigation Defense
Please join us on Thursday, February 27 for a webinar discussion with Hogan Lovells attorneys Michelle Kisloff, Michael Maddigan, Adam Cooke, and Vassi Iliadis about the CCPA’s litigation impact and strategies for defending your interests.
Modified CCPA Regulations Released—Comments Due February 25 (Updated)
On Friday, February 7, 2020, the California Attorney General released notice of changes to the California Consumer Privacy Act draft regulations. Initial draft regulations were published for public comment on October 11, 2019. Public comments on these modified draft CCPA regulations will be accepted by the CA AG until Monday, February 24, 2020, at 5 pm PST.
California’s Data Broker Registration Deadline Looming
Alongside its flurry of CCPA amendments last term, the California legislature passed Assembly Bill 1202, the nation’s second “data broker” registration law. AB 1202 requires “data brokers” to register with and pay an annual fee to the California Attorney General. AB 1202 uses the CCPA’s definitions for key terms, so even businesses that are not traditional data brokers may need to register.
The Future of UK Data Protection
As with anything Brexit-related, the UK government is facing a dilemma in relation to data protection law. Shall we follow the direction of travel of the past 25 years and opt for the continuity and certainty provided by the GDPR or shall we use the departure from the EU to make radical changes to the regulation of data uses and privacy? On the one hand, it would be reassuring to know that despite Brexit’s uncertainties, the current framework is here to stay and it will develop in a familiar way. On the other hand, it must be tempting to use this opportunity to completely re-think what is in the best national interest. For an area of law and policy that is so closely related to technological development and prosperity, it would be foolish not to consider whether a different formulation would lead to better outcomes. A dilemma indeed.
Now Available: CCPA Update (Webinar Materials)
On November 14, 2019, the Hogan Lovells Privacy and Cybersecurity team provided an important CCPA update. The webinar recording and slides are now available on our blog.
Webinar Invitation — California Consumer Privacy Act (CCPA) Update
Please Join us on Thursday, November 14 for a webinar discussion with Hogan Lovells Privacy and Cybersecurity partners Mark Brennan and Tim Tobin of how changes to the California Consumer Privacy Act (CCPA) enacted over the past year and the California Attorney General’s proposed regulations may impact your CCPA compliance efforts.
Now Available: CCPA Draft Regulations – What You Need to Know (Webinar Materials)
On October 17, 2019, the Hogan Lovells Privacy and Cybersecurity team discussed key elements of the California Attorney General’s proposed regulations implementing certain provisions of the California Consumer Privacy Act. The webinar recording and slides are now available on our blog.
IAB Soliciting Comments on Draft Compliance Framework for Programmatic Advertising under the CCPA
On October 22, the Interactive Advertising Bureau, a media and marketing industry trade group, released for public comment the California Consumer Privacy Act Compliance Framework for Publishers and Technology Companies and accompanying technical specifications to implement the Framework. The draft Framework is designed to help Framework participants (including publishers and intermediaries) comply with the California Consumer Privacy Act by: (1) establishing a digital signal that Framework participants can use to communicate consumer requests to opt out of “sales” of personal information associated with digital advertising; and (2) supporting that signal with a standard contract designed to create service provider relationships between publishers and advertising companies after a consumer registers an opt out. The IAB is requesting comments, which can be sent to privacy@iab.com, by November 5, 2019.
Webinar Invitation – CCPA Draft Regulations: What You Need to Know
Please join Hogan Lovells on October 17 for a webinar discussion of the much-anticipated proposed CCPA regulations released by the California Attorney General. The Hogan Lovells team will discuss the proposed requirements and how they would impact privacy notices, individual rights, financial incentive programs, and contracting strategies. We will also discuss steps you can take to develop reasonable and defensible CCPA compliance strategies by January 1, 2020.
California AG Releases Proposed CCPA Regulations
On October 10, California Attorney General Xavier Becerra released proposed regulations to implement certain provisions of the California Consumer Privacy Act. The proposed regulations would create many new requirements. They provide clarifications to businesses and consumers in five key CCPA areas as summarized within this post.
Privacy and Cybersecurity October 2019 Events
October is full of exciting events where we will share insights on the CCPA, cyber incident response preparedness, data transfers, and more. We hope you can join us!
The Results Are in: Modest Changes to CCPA Await the Governor’s Signature
Since the California Consumer Privacy Act’s hasty passage in June last year and minor changes last September, the CCPA has vexed businesses working on compliance. Among many practical challenges, the CCPA often includes inconsistent or ambiguous requirements that have been an obstacle to implementing clear compliance strategies. Businesses, some academics, and various legislators thought that further amendments were needed to make the CCPA work effectively and accomplish its objectives. Over the past several months, the California legislature debated several amendments, eventually passing five bills, which now sit on the Governor’s desk. These bills collectively do not provide the sweeping changes sought by businesses. Instead amendments make minor tweaks and postpone for a year some of the more challenging requirements.
Hogan Lovells at IAPP Privacy. Security. Risk. 2019
Join members from our award-winning Privacy and Cybersecurity practice at this week’s IAPP Privacy. Security. Risk. 2019 conference in Las Vegas. We hope to see you at one of our sessions listed below.
All-Day Workshop: Privacy and Cybersecurity KnowledgeShare (Agenda & Speakers Announced)
Join us on Thursday 19 September for the Hogan Lovells Privacy and Cybersecurity KnowledgeShare in London. We will share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops.
Privacy and Cybersecurity September 2019 Events
Join us in September as we will be at the IAPP Privacy. Security. Risk. 2019 conference in Las Vegas discussing the CCPA, the GDPR, and traits of effective privacy and security professionals. We will also be exploring the latest thinking on key privacy and cybersecurity topics as well as cybersecurity as it relates to medical devices and patients, and more. We hope you can join us.
All-Day Workshop: Privacy and Cybersecurity KnowledgeShare
Join us on Thursday 19 September for the Hogan Lovells Privacy and Cybersecurity KnowledgeShare in London. We will share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops.