The amendment and expansion of the California Consumer Privacy Act (CCPA), approved by California voters’ passage of Proposition 24 as the California Privacy Rights Act of 2020 (CPRA), will require businesses to make key changes to their privacy programs and systems before its January 2023 implementation (for data collected beginning in January 2022). Covered businesses will be required to adhere to more stringent requirements that include consumer notices, compliance with certain requests, age-based data collection and usage restrictions, employee data protection, minimum data security mandates, and more.
While many organizations relied on outside counsel to help them navigate the changes necessitated by the original CCPA legislation, some businesses are now considering hiring contract or even permanent staff charged with managing the rollout of and ongoing compliance with the CPRA. Some of the new requirements are policy-based, including the formulation and dissemination of required consumer notices. Others, however, are more transactional in nature. Bringing on support staff may offer a solution to manage ongoing compliance with tasks such as monitoring and testing systems, verifying that requests to access or delete data were handled appropriately, and researching an evolving landscape of privacy requirements.
The California regulations are not the only privacy rules with which businesses must comply. Many organizations around the world are subject to the EU’s General Data Protection Regulation (GDPR), which became effective in 2018. And in addition to California, several other states, including New York, Maryland, Massachusetts, Hawaii, and North Dakota, have enacted privacy laws with varying requirements. With consumer privacy becoming an increasingly important issue, it is reasonable to assume that other states and countries around the world will adopt protectionary legislation in the coming years.
U.S. businesses marketing to and working with customers across state lines, as well as global organizations, will likely find it simplest to create privacy policies and implement systems designed to comply with the most stringent requirements, rather than managing disparate systems and policies. This increased focus on consumer privacy underscores the need for organizations to be proactive about adding support solutions to manage privacy mandates.
Baer Reed provides legal services, including support for managing consumer privacy programs, to organizations around the world. Contact us to learn more.
Mr. Reyes graduated with honors from the Ateneo de Manila University, where he received the Procter and Gamble Student Excellence Award. He obtained his Juris Doctor degree from the Ateneo de Manila School of Law. During law school, Mr. Reyes was part of the Philippine delegation to the Willem C. Vis International Commercial Arbitration Moot held in Vienna, Austria. He was also a member of the Ateneo Society of International Law and the St. Thomas More Debate Society. He completed his internship at the Public Attorney’s Office. He wrote a thesis entitled: “To Kill A White Elephant: An Analysis of the Fiduciary Exception to the Corporate Attorney-Client Privilege”. Mr. Reyes is admitted to practice law in the Philippines and the State of New York.
Ms. Lardizabal-Manzano is a graduate of San Sebastian College-Recoletos, where she earned her B.A. in Political Science. In 2003, she received her law degree from Lyceum of the Philippines and was admitted to practice law in 2004.
Matthew Hersh earned a B.A. in Political Science from Columbia University in 1990 and graduated cum laude from Georgetown University Law Center in 1999. He also holds a master’s degree in international relations from the Georgetown University School of Foreign Service.
Cap. Avi Levak (Res. IDF) graduated from from Israel’s prestigious Ben-Gurion University of the Negev with a Bachelor of Science in Computer Science and Mathematics. He is also a Leadership and Communication coach trained in TuT coaching by Alon gal in Israel. Avi specializes in high-level, in-depth analysis of business and client needs, within systems and software strategy and architecture.
Ms. Tyler graduated cum laude from Georgetown University and received her law degree, cum laude, from Georgetown University Law Center. During law school, she interned at the United Nations Economic Commission for Europe. She also worked on The Tax Lawyer journal and was a member of the award-winning Barristers’ Council Mock Trial Team. Ms. Tyler is admitted to practice law in the State of California and the District of Columbia.
Ms. Cruz-Anonuevo graduated cum laude and top nine in her batch from Miriam College with a degree of Bachelor of Arts in InternationalStudies. She obtained her Juris Doctor degree from Ateneo de Manila University School of Law in Rockwell. During law school, she interned in Rivera, Santos, Maranan & Associates. She was also part of Ateneo’s Labor Law Bar Operations. She wrote her thesis on, “Stealing Privacy: Limitations on Media’s Photographic Invasion.,” Ms. Cruz-Anonuevo is admitted to practice law in the Philippines.
Ms. Aquino-Batallones obtained a Bachelor of Arts degree in Development Studies (with Minors in Global Politics and Hispanic Studies) from the Ateneo de Manila University. In 2011, she received her Juris Doctor degree from Ateneo de Manila University School of Law. During law school, she interned at Romulo Mabanta Buenaventura Sayoc & de los Angeles then became an intern of Ateneo Legal Services Center’s Clinical Legal Education Program.
Mr. De Guzman graduated from San Beda College with a degree of Bachelor of Arts Major in Economics and received his law degree from San Beda College of Law. He is multilingual and is fluent in three languages: Chinese, Filipino, and English. He was admitted to the Philippine Bar in 2003.