On December 8, 2023, the California Privacy Protection Agency (CPPA) will hold a board meeting seeking public comment on various privacy regulations. The meeting, which will take place on Zoom, will cover several topics listed in its published agenda. The New CPRA Rules Subcommittee will provide an update and present on the Draft Regulations on […]
Regulation
Colorado AG Publishes Shortlist of Universal Opt-Out Mechanisms
On November 21, 2023, the Colorado Attorney General (the “AG”) published a shortlist of potential universal opt-out mechanisms (“UOOMs”) that the AG is considering recognizing as binding under the Colorado Privacy Act (the “CPA”). Beginning on July 1, 2024, the CPA will require covered controllers to comply with Colorado consumers’ requests to opt out of […]
California Privacy Protection Agency Releases Draft Regulations on Risk Assessments
On August 28, 2023, the California Privacy Protection Agency (the “Agency”) released two sets of draft regulations under the California Consumer Privacy Act (the “CCPA”), one for risk assessments and another for cybersecurity audits, as part of the Agency’s informal rulemaking process. We discuss the draft cybersecurity audits in California Proposes Annual Audits to Assess […]
California Proposes Annual Audits to Assess Sufficiency and Compliance of Company Cybersecurity
In late August 2023, the California Privacy Protection Agency (“CPPA” or “Agency”) released a discussion draft of proposed regulations under California’s data privacy law, the California Consumer Privacy Act (“CCPA”). Importantly, the proposed regulations set forth more detailed obligations for company cybersecurity programs, including routinely assessing and filing audits with the CPPA. Though these draft […]
Oregon Becomes the Fourth State to Enact a Data Broker Law
Oregon Governor Tina Kotek signed into law the Bill Relating to Registration of Business Entities that Qualify as Data Brokers (HB 2052) (the “Act”) on July 27, 2023. Effective January 1, 2024, the Act will require data brokers to annually register with the Oregon Department of Consumer and Business Services (the “Department”). The Act makes […]