California’s Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) give consumers substantial rights regarding the disclosure and use of their personal information collected by businesses subject to the law. Significantly, CCPA/CPRA define the term “consumer” to mean any California resident. This broad definition extends not only a business’s individual customers, but also its employees, job-applicants and even its business-to-business (B2B) contacts. We have previously discussed the compliance requirements of these data privacy laws on organizations doing business in California, and the moratoriums for B2B and employee/applicant data that that the Legislature had put in place exempting covered businesses from complying with certain requirements of the laws.[1] Unless extended by the Legislature (which appears unlikely) or preempted by federal privacy legislation (which appears even more unlikely), the moratoriums will sunset on January 1, 2023. Accordingly, covered businesses should begin preparing now to meet their upcoming expanded statutory obligations to protect consumers data privacy.
Blog Editors
Recent Updates
- New Federal Agency Policies and Protocols for Artificial Intelligence Utilization and Procurement Can Provide Useful Guidance for Private Entities
- Video: Non-Competes Eased, Anti-DEI Rule Blocked, Contractor Rule in Limbo - Employment Law This Week
- Video: Insider Strategies for Wage and Hour Compliance Success: One-on-One with Paul DeCamp
- Video: Can the President Fire NLRB Members Without Cause? SCOTUS May Decide - Employment Law This Week
- The Third Circuit Orders Another Review in Cornelius v. CVS Pharmacy, Inc.—Resolution Will Wait for Another Day in New Jersey Federal Court, but Not Because of the EFAA