The California Consumer Privacy Act of 2018 (CCPA) provides California residents with a broad range of data privacy rights and is one of the most comprehensive data protection laws in the United States.
Pursuant to the CCPA, California residents now have rights related to accessing personal data, requesting the deletion of personal data, receiving notice of data processing activities, and opting out from the sale of data.
On November 3, 2020, California voters approved Proposition 24, also known as the California Privacy Rights Act of 2020 (CPRA), which amends and expands upon the CCPA. In particular, the CPRA establishes new data privacy rights for California residents (e.g., rectification, do not “share” rights, limits on use of sensitive data), imposes new obligations and liabilities on businesses and service providers, and creates a regulatory agency empowered to enforce California privacy law and prosecute noncompliance. The new regulatory agency, the California Privacy Protection Agency, is vested with full administrative power, authority, and jurisdiction to implement and enforce the CCPA (as amended by the CPRA).
The CPRA becomes operative on January 1, 2023, and, with some exceptions, will apply to California residents’ personal information collected by organizations after January 1, 2022.
California is one of the largest economies in the world. Is your business impacted by the CCPA? If so, here are just a few ways that Thompson Hine can help:
CCPA Checklist
Resources
If your organization has suffered a data breach or incident, please contact us at any time (24/7) at DataBreachResponse@ThompsonHine.com or fill out our online form below.