action to enable the signal. In any case, the California attorney general has now clearly identified that businesses must honor the GPC opt-out request. 5. Do Not Ignore the California Attorney General . The CCPA has a thirty-day cure period. Sephora’s failure to respond to the Attorney General Office notice of noncompliance proved costly. If you receive a notice of non-compliance take timely steps to correct the problem. The thirty-day cure period goes away with the CPRA. 6. Operationalize Compliance. Make sure you fully comply with the CCPA and CPRA. Re-evaluate your privacy policies and notices for accuracy. Confirm you have appropriate data rights request processes in place. Review your websites and mobile apps, especially those that contain third-party trackers or other adtech solutions, to make sure they are adequately configured to monitor for and honor user-enabled opt-out preference signals, such as the GPC. California Privacy Rights Act (CPRA) . On November 3, 2020, California voters passed the California Privacy Rights Act (CPRA). The CPRA expanded the CCPA and created a new and well-funded enforcement agency known as the California Privacy Protection Agency (CPPA). The CPRA aligns the CCPA even more closely with the EU General Data Protection Regulation (GDPR), granting new privacy rights to California consumers and imposing new obligations on companies – for example, requiring service providers to assist “businesses” to comply with their CCPA obligations – a requirement for processors under the GDPR. The CCPA employee and “B2B” exemptions were not extended under the CPRA. The threshold for a “business” to be covered increased from 50,000 to 100,000 consumers or households and “devices” was removed from calculation. The CPRA applies to personal information collected on or after January 1, 2022, with most provisions enforceable on January 1, 2023. A new right to correct was added along with restrictions on “sharing” data. The CPRA empowers the CPPA to issue regulations on obligations to submit data privacy impact assessments.
121
Made with FlippingBook - Online Brochure Maker