CCPA 12-month compliance series part 1: participate in rulemaking

Data privacy

The California Consumer Privacy Act is due to take effect in January 2020. The legislation will strengthen data protection rights for citizens. Like the EU’s GDPR, there is still much confusion regarding organisation’s requirements of the CCPA and how this aligns with other privacy regulations such as the GDPR.

Law firm, Perkins Coie is writing a monthly series of updates on the CCPA. The first in the series looks at the new topics raised in public forums.

The California Office of the Attorney General (OAG) will be promulgating regulations to further and provide guidance regarding the California Consumer Privacy Act (CCPA). You can participate in the rulemaking process.

The OAG is holding public forums where all members of the public are invited to speak (RSVP) or simply attend. We reported on the first two forums in San Francisco and San Diego here. Forums were held in Los Angeles and Riverside, Sacramento, where the following new topics were raised:

  • “Do Not Sell” icon. Speakers requested that instead of requiring businesses to provide a “Do Not Sell My Personal Information” link on their homepage, a logo be developed and permitted to be used instead. One speaker pointed out that the “Do Not Sell” link would have to be placed on all businesses that are subject to the CCPA, including those that do not sell personal information.
  • Financial institutions. Several participants raised issues that are unique to financial institutions, such as the scope of the Gramm-Leach-Bliley Act exemption and whether marketing activities of financial institutions or selling of financial portfolios would be subject to the CCPA. [See our article for further discussion, and join our biweekly CCPA financial services industry comments calls.]

The remaining CCPA public forums will be held on, February 13 (Fresno), and March 5 (Stanford).

Watch our video on letting your voice be heard. We are organising comments for businesses to be anonymised and submitted in a report to the OAG. Please send us your comments through this portal. Also, take advantage of our CCPA readiness survey to benchmark your compliance approach and efforts with other companies.

We encourage you to take full advantage of the many opportunities to be heard.

California is not alone: Washington introduced CCPA-like legislation earlier this month. Read our client update on the Washington privacy bill here.

 

By Dominique Shelton-Leipzig, Bo W. Kim, Sari Ratican, and Natasha Amlani, Perkins Coie


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.