Shortly before the California Privacy Right Act (CPRA) modifications to the California Consumer Privacy Act (CCPA) were set to become enforceable on July 1, 2023, a Sacramento Superior Court judge issued a ruling on June 30, 2023 pushing enforcement of CPRA regulations from July 1, 2023 to March 29, 2024.
Continue Reading Enforcement of CPRA Regulations Delayed
As companies prepare for the provisions of the California Privacy Rights Act (“CPRA”) to come into effect in January 2023, California Office of Attorney General (“OAG”) has signaled that companies should not wait to start complying with the Global Privacy Control (“GPC”). A recent lawsuit and subsequent $1.2 million settlement by the OAG against French e-commerce company Sephora, Inc. that targeted compliance with the GPC. In announcing the settlement, the OAG also made it known that it had “also sent notices today to a number of businesses alleging non-compliance relating to their failure to process consumer opt-out requests made via user-enabled global privacy controls, like the GPC” because, “[u]nder the CCPA, businesses must treat opt-out requests made by user-enabled global privacy controls the same as requests made by users who have clicked the ‘Do Not Sell My Personal Information’ link.” In other words, the OAG is taking the position that the California Consumer Privacy Act (“CCPA”) already requires implementation of the GPC.
Continue Reading California AG Signals Enforcement of the Global Privacy Control Under the CCPA