Alastair MacTaggart and the Californians for Consumer Privacy (the advocacy group responsible for the California Consumer Privacy Act – CCPA) submitted a ballot measure in the fall of 2019 titled The California Privacy Rights Act of 2020 (CPRA).
In order to be on the California general election ballot in November, the initiative needed at least 623,212 signatures by June 25th. As of early May, this threshold was surpassed withover 900,000 signatures. These signatures are being verified, so we will keep an eye on this part of the process as well.
CPRA strengthens the current privacy law in California and provides consumers with additional rights and protections surrounding their personal information. Proposed rights and requirements include:
- A new category of personal information: sensitive personal information
- SSN, driver’s license number, passport number, health information, and more
- Right to limit the use of sensitive personal information, which requires businesses to include as a special link on their websites and provide certain notices
- Right to data minimization, which includes requiring businesses to provide retention timeframes for each category of personal information collected in their notices
- Right to correct inaccurate personal information
- Right to access personal information collected before the 12-month lookback period outlined in the CCPA
- Expansion of the data breach notification requirements
- Establish an enforcement body, the California Privacy Protection Agency, and endow it with $10 million
- This would allow for the enforcement body to staff up greatly and would match the size of the FTC’s enforcement team at 40 privacy professionals strong
- Protect the CPRA’s[MC1] strength and intent of protecting Californians’ privacy
We will continue to monitor the progress of CPRA. To access the text of CPRA, visit: https://oag.ca.gov/system/files/initiatives/pdfs/19-0021A1%20%28Consumer%20Privacy%20-%20Version%203%29_1.pdf