Businesses that sell data regarding California residents have been put on notice by the California Privacy Protection Agency’s (the CPPA’s) recent aggressive enforcement of the California Delete Act. On October 30, 2024, the...more
Under many circumstances, state privacy laws require businesses to pass a consumer’s valid deletion request to any entity that processes the data on behalf of the business or otherwise is a recipient of the data. These...more
The U.S. is taking another swing at a federal data privacy law with the American Privacy Rights Act, or APRA. While there’s no guarantee that the APRA will become the law of the land, it’s still worthwhile to study in order...more
In October, California enacted its newest privacy legislation, commonly referred to as the “Delete Act” (California Senate Bill No. 362). The Delete Act will allow consumers to request that any data broker that maintains any...more
California continues to be at vanguard of data privacy rights. The latest effort by California legislators to protect consumer privacy rights focuses on data brokers, who under the proposed California Senate Bill 362, aka...more
Bill C-27, the Digital Charter Implementation Act, proposes new legislation that will significantly impact the Canadian privacy law landscape. The omnibus bill – which is a second reiteration of the former Bill C-11 (which...more
Under the California Consumer Privacy Act (CCPA), California consumers may exercise certain rights in relation to their personal information – and businesses have strict deadlines to respond to such consumer requests. These...more
Following the passage of the California Privacy Rights Act (CPRA), for the past two years, employers have been partially exempt from many of the California Consumer Privacy Act's (CCPA) mandates pertaining to applicants,...more
Since the California Consumer Privacy Act (“CCPA”) was passed in 2018, employers have been watching carefully to see how the law will apply to data collected and maintained about their employees. Up until now, employment data...more
Last week, the California Legislature failed to reach agreement on an extension to the employee exemption which applies to the California Consumer Privacy Act (CCPA) which currently exempts employees and employee data from...more
Most privacy laws derive from the same core foundational principles, namely the Fair Information Practice Principles (FIPPs). This includes the California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act of...more
On November 3, 2020, California voters approved Proposition 24, a ballot initiative which enacted the California Privacy Rights Act (“CPRA”). The CPRA amends the California Consumer Privacy Act (“CCPA”), the most sweeping...more
Colorado became the third state to enact comprehensive data privacy legislation when Gov. Jared Polis signed the Colorado Privacy Act (CPA) on July 8, 2021. The CPA shares similarities with its stateside predecessors, the...more
Keypoint: There were a number of notable developments this week: the Washington Privacy Act passed out of a house committee after adding a private right of action, there was more movement on the Florida and Connecticut bills,...more
On March 15, 2021, the California Attorney General (AG) announced that the California Office of Administrative Law approved a set of proposed amendments to the final California Consumer Privacy Act (CCPA) regulations that...more
On November 3, 2020, Californians approved another significant piece of privacy rights legislation, the California Privacy Rights Act, or the CPRA. The CPRA amends and expands the already (almost) infamous CCPA (California...more
As of January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) is now the law of the land, having gone into effect at the beginning of this year. One of the more complex issues concerning the CCPA pertains to the...more
On September 29, 2020, California Governor Newsom signed Assembly Bill 1281 ("AB 1281") into law, which is good news for employers and those who engage in business-tobusiness ("B2B") transactions that fall within the scope of...more
As more organizations find themselves under scrutiny for the way they collect and use consumer data, maintaining CCPA compliance has never been more important. CCPA has been introduced to give control back to consumers,...more
With the California Consumer Privacy Act (CCPA) now in effect (January 1, 2020) and enforceable by California’s Attorney General (“AG”) (July 1, 2020), the AG has published Frequently Asked Questions (FAQs). Designed to aid...more
On April 7, 2020, the French Data Protection Authority (the CNIL) published on its website a Q&A on the right to de-listing. The right to de-listing enables a data subject to request from a search engine to remove one or...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
As one of the oldest and most recognized data privacy and security practices, we have had the honor of helping dozens of companies set up and evolve their data privacy programs over the past decade. That experience has given...more
The much anticipated California Consumer Privacy Act (“CCPA”) is now in effect (as of January 1, 2020), and as we’ve recently reported, class action litigation under the CCPA has already begun. Organizations should have...more
Additional draft regulations were issued by the California Attorney General on February 7th and subsequently modified on February 10th. ...more