Enforcement of the California Consumer Privacy Act officially began Wednesday despite the lack of a final, codified version of the regulation. Experts weigh in on compliance steps organizations should take.
Organizations have been scrambling to comply with the California Consumer Privacy Act before enforcement begins in July, say Caitlin Fennessy, research director of the International Association of Privacy Professionals, and Dominique Shelton Leipzig, a partner at Perkins Coie LLP.
The California Consumer Privacy Act, the EU's General Data Protection Regulation and other privacy laws are focused on making enterprises and boards of directors more accountable, says Marc Cohen of ePlus Technology, who discusses compliance issues.
In an in-depth interview, privacy expert Caitlin Fennessy sorts through modified draft regulations to carry out the California Consumer Privacy Act that are designed to help businesses take a more pragmatic approach to privacy.
Many companies that should be offering customers the ability to "opt out" of the sale of their information under the California Consumer Privacy Act are failing to do so because of the law's ambiguities, some legal experts say. CCPA went into effect Jan. 1, but it won't be enforced until July.
After several moves by Democrats to introduce federal privacy legislation, Republican Senator Roger Wicker on Tuesday unveiled a draft consumer privacy bill, the United States Consumer Data Privacy Act of 2019, that would override various state laws on privacy, including the California Consumer Privacy Act.
Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.
With the California Consumer Privacy Act set to go into effect Jan. 1, 2020, companies are making last-minute compliance preparations. But these preparations are challenging because regulations to carry out the law are still pending and ambiguities remain. Here's a look at three issues.
One key step for preparing to comply with the California Consumer Privacy Act, which goes into effect in January, is determining how best to verify the identity of users, say two leaders of the Sovrin Foundation, who discuss the key issues.
Draft regulations to carry out the California Consumer Privacy Act do not go far enough to clarify ambiguities in the law, which goes into effect Jan. 1, 2020, says privacy attorney Sadia Mirza of the law firm Troutman Sanders, who encourages organizations to submit comments on the proposed regs.
Gov. Gavin Newsom has signed into law six amendments to the California Consumer Privacy Act as well as another bill updating the state's long-standing data breach law. Meanwhile, draft CCPA implementation regulations have been unveiled.
Unlike the European Union's General Data Protection Regulation, the California Consumer Protection Act is very prescriptive in nature, says Subhajit Deb of Dr Reddy's Laboratories, a global pharmaceutical company. In a video interview, he offers compliance insights.
Post-GDPR, the California Consumer Privacy Act was the first piece of US legislation to emerge - but it's hardly the last. Attorney Sadia Mirza of Troutman Sanders talks about the potential impact of CCPA and other pending privacy legislation.