CCPA Compliance: Tighter Restrictions from the CCPA & Proposition 24
On November 3, 2020, California voters passed Proposition 24, which amends and expands the California Consumer Privacy Act (CCPA). The CCPA, which became effective earlier this year, requires companies marketing to, or doing business with, Californians to revise their privacy programs, policies, and even systems in significant ways. The passage of Proposition 24, called the California Privacy Rights Act of 2020 (CPRA), will require organizations to once again evaluate their privacy programs, and they are likely to need to make additional changes for CCPA Compliance.
The CCPA was a landmark piece of privacy legislation in the United States. Designed to empower California residents, the law gives consumers control over certain information captured or maintained by the businesses they interact with. However, there were concerns that the CCPA did not go far enough to protect consumers. Proposition 24 builds on the existing framework and creates a more comprehensive consumer privacy mandate that could be used as a template for future federal privacy legislation.
Major provisions of Proposition 24, scheduled to become operative in January 2023 for data collected beginning in January 2022, include the following:
- Created a new category of “sensitive personal information,” which includes the consumer’s racial or ethnic origin, religious beliefs, genetic information, sexual orientation, union membership, and more.
- Required changes to the notice provided to consumers at the time information is collected, including the retention period for information or the criteria used to determine a retention period in certain circumstances.
- Created a requirement that businesses must honor consumers’ requests not to share personal information. In addition, if a consumer asks a business to correct information in its records, the business must comply.
- Mandated that businesses must obtain permission before collecting information from people under the age of 16, and must obtain information from a parent or guardian before collecting information from anyone under age 13. Fines for violations of these provisions are tripled from existing penalties under the CCPA.
- Created a specific data security requirement, mandating that businesses implement reasonable policies and procedures to prevent the unauthorized access, use, modification, destruction, or disclosure of consumers’ information.
- Removed the time period for businesses to self-correct violations before being subject to penalties.
- Established the California Privacy Protection Agency, which is charged with interpreting and enforcing the CPRA’s privacy requirements.
Organizations that are subject to Proposition 24’s provisions should begin planning now, and should create tailored CCPA compliance plans designed to implement and manage compliance with the law’s expanded requirements.
Baer Reed helps organizations by providing a variety of business and legal support solutions, including assistance with CCPA compliance. Contact us to learn more!
- On November 30, 2020
- Back to post list
Mr. Reyes graduated with honors from the Ateneo de Manila University, where he received the Procter and Gamble Student Excellence Award. He obtained his Juris Doctor degree from the Ateneo de Manila School of Law. During law school, Mr. Reyes was part of the Philippine delegation to the Willem C. Vis International Commercial Arbitration Moot held in Vienna, Austria. He was also a member of the Ateneo Society of International Law and the St. Thomas More Debate Society. He completed his internship at the Public Attorney’s Office. He wrote a thesis entitled: “To Kill A White Elephant: An Analysis of the Fiduciary Exception to the Corporate Attorney-Client Privilege”. Mr. Reyes is admitted to practice law in the Philippines and the State of New York.
Ms. Lardizabal-Manzano is a graduate of San Sebastian College-Recoletos, where she earned her B.A. in Political Science. In 2003, she received her law degree from Lyceum of the Philippines and was admitted to practice law in 2004.
Matthew Hersh earned a B.A. in Political Science from Columbia University in 1990 and graduated cum laude from Georgetown University Law Center in 1999. He also holds a master’s degree in international relations from the Georgetown University School of Foreign Service.
Cap. Avi Levak (Res. IDF) graduated from from Israel’s prestigious Ben-Gurion University of the Negev with a Bachelor of Science in Computer Science and Mathematics. He is also a Leadership and Communication coach trained in TuT coaching by Alon gal in Israel. Avi specializes in high-level, in-depth analysis of business and client needs, within systems and software strategy and architecture.
Ms. Tyler graduated cum laude from Georgetown University and received her law degree, cum laude, from Georgetown University Law Center. During law school, she interned at the United Nations Economic Commission for Europe. She also worked on The Tax Lawyer journal and was a member of the award-winning Barristers’ Council Mock Trial Team. Ms. Tyler is admitted to practice law in the State of California and the District of Columbia.
Ms. Cruz-Anonuevo graduated cum laude and top nine in her batch from Miriam College with a degree of Bachelor of Arts in InternationalStudies. She obtained her Juris Doctor degree from Ateneo de Manila University School of Law in Rockwell. During law school, she interned in Rivera, Santos, Maranan & Associates. She was also part of Ateneo’s Labor Law Bar Operations. She wrote her thesis on, “Stealing Privacy: Limitations on Media’s Photographic Invasion.,” Ms. Cruz-Anonuevo is admitted to practice law in the Philippines.
Ms. Aquino-Batallones obtained a Bachelor of Arts degree in Development Studies (with Minors in Global Politics and Hispanic Studies) from the Ateneo de Manila University. In 2011, she received her Juris Doctor degree from Ateneo de Manila University School of Law. During law school, she interned at Romulo Mabanta Buenaventura Sayoc & de los Angeles then became an intern of Ateneo Legal Services Center’s Clinical Legal Education Program.
Mr. De Guzman graduated from San Beda College with a degree of Bachelor of Arts Major in Economics and received his law degree from San Beda College of Law. He is multilingual and is fluent in three languages: Chinese, Filipino, and English. He was admitted to the Philippine Bar in 2003.