Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: CCPA

Posted in News & Events

Webinar Invitation — California Consumer Privacy Act (CCPA) Update

Please Join us on Thursday, November 14 for a webinar discussion with Hogan Lovells Privacy and Cybersecurity partners Mark Brennan and Tim Tobin of how changes to the California Consumer Privacy Act (CCPA) enacted over the past year and the California Attorney General’s proposed regulations may impact your CCPA compliance efforts.

Posted in Consumer Privacy

IAB Soliciting Comments on Draft Compliance Framework for Programmatic Advertising under the CCPA

On October 22, the Interactive Advertising Bureau, a media and marketing industry trade group, released for public comment the California Consumer Privacy Act Compliance Framework for Publishers and Technology Companies and accompanying technical specifications to implement the Framework. The draft Framework is designed to help Framework participants (including publishers and intermediaries) comply with the California Consumer Privacy Act by: (1) establishing a digital signal that Framework participants can use to communicate consumer requests to opt out of “sales” of personal information associated with digital advertising; and (2) supporting that signal with a standard contract designed to create service provider relationships between publishers and advertising companies after a consumer registers an opt out. The IAB is requesting comments, which can be sent to privacy@iab.com, by November 5, 2019.

Posted in News & Events

Webinar Invitation – CCPA Draft Regulations: What You Need to Know

Please join Hogan Lovells on October 17 for a webinar discussion of the much-anticipated proposed CCPA regulations released by the California Attorney General. The Hogan Lovells team will discuss the proposed requirements and how they would impact privacy notices, individual rights, financial incentive programs, and contracting strategies. We will also discuss steps you can take to develop reasonable and defensible CCPA compliance strategies by January 1, 2020.

Posted in Consumer Privacy

California AG Releases Proposed CCPA Regulations

On October 10, California Attorney General Xavier Becerra released proposed regulations to implement certain provisions of the California Consumer Privacy Act. The proposed regulations would create many new requirements. They provide clarifications to businesses and consumers in five key CCPA areas as summarized within this post.

Posted in News & Events

Privacy and Cybersecurity October 2019 Events

October is full of exciting events where we will share insights on the CCPA, cyber incident response preparedness, data transfers, and more. We hope you can join us!

Posted in Consumer Privacy

The Results Are in: Modest Changes to CCPA Await the Governor’s Signature

Since the California Consumer Privacy Act’s hasty passage in June last year and minor changes last September, the CCPA has vexed businesses working on compliance. Among many practical challenges, the CCPA often includes inconsistent or ambiguous requirements that have been an obstacle to implementing clear compliance strategies. Businesses, some academics, and various legislators thought that further amendments were needed to make the CCPA work effectively and accomplish its objectives. Over the past several months, the California legislature debated several amendments, eventually passing five bills, which now sit on the Governor’s desk. These bills collectively do not provide the sweeping changes sought by businesses. Instead amendments make minor tweaks and postpone for a year some of the more challenging requirements.

Posted in News & Events

Hogan Lovells at IAPP Privacy. Security. Risk. 2019

Join members from our award-winning Privacy and Cybersecurity practice at this week’s IAPP Privacy. Security. Risk. 2019 conference in Las Vegas. We hope to see you at one of our sessions listed below.

Posted in News & Events

All-Day Workshop: Privacy and Cybersecurity KnowledgeShare (Agenda & Speakers Announced)

Join us on Thursday 19 September for the Hogan Lovells Privacy and Cybersecurity KnowledgeShare in London. We will share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops.

Posted in News & Events

Privacy and Cybersecurity September 2019 Events

Join us in September as we will be at the IAPP Privacy. Security. Risk. 2019 conference in Las Vegas discussing the CCPA, the GDPR, and traits of effective privacy and security professionals. We will also be exploring the latest thinking on key privacy and cybersecurity topics as well as cybersecurity as it relates to medical devices and patients, and more. We hope you can join us.

Posted in News & Events

All-Day Workshop: Privacy and Cybersecurity KnowledgeShare

Join us on Thursday 19 September for the Hogan Lovells Privacy and Cybersecurity KnowledgeShare in London. We will share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops.

Posted in News & Events

Now Available: Webinar – Operationalizing the California Consumer Privacy Act – Key Decisions and Compliance Strategies

On June 20, 2019, Hogan Lovells partners Mark Brennan and Bret Cohen discussed in great detail the impact of the law, explained key definitions, and offered practical guidance on how to navigate it during the webinar, “Operationalizing the California Consumer Privacy Act.” More than 600 live attendees participated and were able to hear Mark and Bret cover how to determine whether businesses are covered, how to account for opt-outs from sales to third parties, the content and timing of CCPA notices, how to apply the CCPA’s exceptions, and more.

Posted in Consumer Privacy

New Nevada Privacy Law With “Sale” Opt-Out Right Will Take Effect Before the CCPA

Nevada has a new privacy law. On May 29, Nevada Governor Steve Sisolak signed Senate Bill 220 (SB-220) into law, making Nevada the first state to join California in granting consumers the right to opt out of the sale of their personal information. The act, which amends an existing online privacy notice law, is significantly narrower than the California Consumer Privacy Act (CCPA).

Posted in News & Events

Webinar on Hacking 101: How it works and how to mitigate risk

Please join the Hogan Lovells Privacy and Cybersecurity team on May 15 for our webinar, Hacking 101: How it Works and How to Mitigate Risk. We will explore how certain common hacks work from a technical perspective and how to mitigate related risks from a legal and compliance perspective.

Posted in Consumer Privacy

CCPA Amendments Advance through California Assembly

A number of legislative proposals seeking to amend the California Consumer Privacy Act are moving forward following an April 23 hearing before the California Assembly’s Committee on Privacy and Consumer Protection in which the bills were approved. The bills will now advance to the Assembly’s Appropriations Committee before being voted on by the full Assembly and potentially advancing to the California Senate for consideration.

Posted in Consumer Privacy

Efforts to Expand CCPA’s Private Right of Action Remain in Question

The California legislature is considering significant amendments to the California Consumer Privacy Act ahead of the law’s January 1, 2020 implementation date. Of particular note has been the potential for CCPA amendments to expand the private right of action beyond violations of businesses’ duty to implement and maintain reasonable security procedures to instead cover violations of any CCPA rights.

Posted in Consumer Privacy

Beyond FERPA: The California Consumer Privacy Act’s New Rules for Privacy in the Education Sector

In June of 2018, California passed the California Consumer Privacy Act, which seeks to give consumers additional safeguards regarding their personal information. The CCPA will become effective January of 2020 and may impact companies in the education sector, including the larger education technology companies. While the CCPA does not apply to nonprofit educational institutions, it may apply to certain for-profit educational institutions, third-party service providers, and others in the education space. If an educational entity meets the threshold requirements below or it processes information on behalf of such an entity, it should prepare for CCPA implementation by January 2020.

Posted in News & Events

Privacy and Cybersecurity April 2019 Events

Join us this month as we address questions about the groundbreaking California Consumer Protection Act, consumer trust issues, TCPA, trends in global privacy enforcement, navigating ePrivacy requirements, and the GDPR as Brexit nears.

Posted in Consumer Privacy

CCPA Update: CA AG Backs Bill to Expand Private Right of Action and Remove Cure Period

A bill introduced to amend the California Consumer Privacy Act of 2018 (“CCPA” or the “Act”) could greatly expand the risks to businesses that collect the personal information of California consumers. Senate Bill 561 (“SB 561”) would expand the CCPA’s private right of action to any violation of a consumer’s CCPA rights, remove the existing 30-day cure period, and eliminate businesses’ right to consult the AG’s office regarding compliance. SB 561 would not impact the CCPA’s current effective date of January 1, 2020.

Posted in Consumer Privacy

California Consumer Privacy Act: The Challenge Ahead – The CCPA’s “Reasonable” Security Requirement

Much of the focus on the California Consumer Protection Act (“CCPA”) has been on the new rights that it affords California consumers, including the rights to access, delete, and opt out of the sale of their personal information. But arguably the greatest risk to covered businesses involves data security, as the CCPA creates for the first time a private right of action with substantial statutory penalties for breaches involving California consumers’ personal information. This installment of the Hogan Lovells’ CCPA series explains the CCPA’s security requirement and consequences for non-compliance, and describes security controls that most organizations can implement to mitigate this risk.

Posted in Consumer Privacy

California DoJ Sets March 8 Deadline for CCPA Pre-Rulemaking Comments

The California Department of Justice has announced a March 8, 2019 deadline for submitting written pre-rulemaking comments on the California Consumer Privacy Act (CCPA). The March 8 deadline is an extension from the previously set end-of-February deadline. Pursuant to section 1798.185(a) of the CCPA, the California Attorney General (AG) is obligated to solicit broad public participation and adopt regulations to further the purposes of the CCPA. The CCPA sets out seven specific areas for AG rulemaking.

Posted in Consumer Privacy

California Department of Justice to Hold Six Public Forums on the CCPA

The California Attorney General Xavier Becerra and the California Department of Justice will hold six public forums about the California Consumer Privacy Act (CCPA) that are open to all members of the public. These public forums are being held pursuant to Section 1798.185 of the CCPA, which requires the Attorney General to “solicit broad public participation and adopt regulations to further the purposes” of the CCPA.

Posted in Consumer Privacy

California Consumer Privacy Act: The Challenge Ahead – The CCPA’s Anti-Discrimination Clause

One of the most controversial elements of the California Consumer Privacy Act (“CCPA”) is the establishment of an “anti-discrimination” right – businesses may not “discriminate” against consumers for exercising certain rights under the CCPA, and they will need to assess whether and how they can require consumers to accept certain data practices as a condition of service.  Compliance would be challenging even if the provision were articulated clearly, but as we have discussed in this blog series, the accelerated drafting process and passage of the CCPA earlier this year left little time for public comment and responsive amendments.  As a result, the law includes a series of ambiguities that complicate compliance, and nowhere is that more apparent than in the anti-discrimination provision.

This entry in Hogan Lovells’ ongoing series on the CCPA focuses on the law’s anti-discrimination clause, its ambiguities and potentially contradictory provisions, and impact on businesses.