Making sure that executive suite members understand the privacy landscape is key to ensuring companies stay proactive and in compliance, said panelists at a privacy risk event Tuesday. During another panel, the executive director of the California Privacy Protection Agency (CPPA) discussed how it's helping raise awareness of privacy issues with businesses. Compliance vendor DataGrail sponsored the event.
Connecticut could next year pass legislation like the California Delete Act and create a data broker registry, state Sen. James Maroney (D), author of Connecticut’s comprehensive privacy law, said on Marketecture’s The Monopoly Report podcast Wednesday. However, he said Connecticut would likely try to share the accessible deletion mechanism now under development at the California Privacy Protection Agency (CPPA).
Data brokers and other businesses face major new obligations after California Gov. Gavin Newsom (D) signed SB-361 on Wednesday (see 2510080054), privacy attorneys blogged afterward.
The California Privacy Protection Agency’s head enforcer heralded “a new era of privacy enforcement,” in an update during the CPPA Board’s Friday meeting. The agency has “hundreds” of investigations open, and in most cases the targeted businesses don’t know about them yet, said Michael Macko, deputy director of enforcement. “We haven't surfaced yet."
The California Privacy Protection Agency received final approval on automated decision-making technology (ADMT) and other rules from the Office of Administrative Law (OAL), the CPPA said Tuesday. Meanwhile, in materials released ahead of a Friday board meeting, the CPPA disclosed that it has seen a steady increase in consumer privacy complaints over the last two years.
California legislators refined a proposed update to the California Delete Act on Tuesday. Now on third reading and awaiting a floor vote in the Assembly, SB-361 by Sen. Josh Becker (D) would require data brokers to disclose more types of personal information in their state registrations than they do now.
California should maintain verification safeguards in its Delete Act rules, advertising groups said in comments to the California Privacy Protection Agency (CPPA) due Aug. 18 (see 2507310053).
It’s crunch time for the California legislature, with many privacy and AI bills nearing the finish line as lawmakers return from summer recess Monday. A few of the most potentially impactful measures for businesses cover universal opt-out preference signals, location privacy, automated decisions and so-called surveillance pricing, said privacy lawyers and consumer advocates in interviews with Privacy Daily this week.
The California Consumer Privacy Act (CCPA) is “like a big Lego block” to which state legislators “are constantly adding … Lego pieces,” said Tom Kemp, executive director of the California Privacy Protection Agency, during an IAPP webinar Tuesday. The California Privacy Rights Act, which amended the CCPA, prohibits reducing Californians’ privacy rights, he noted.
The expansion of data broker liability in states like Texas and California has companies considering multistate compliance approaches, privacy attorneys told us in interviews.