California Privacy Protection Agency to Review Draft Data Privacy Rules

The rules implement the California Privacy Rights Act with requirements for businesses to share collected information with consumers at their request, among others.

06/07/2022 10:30 A.M.

2.5 minute read

The review of regulations to implement the California Privacy Rights Act is underway this month by the California Protection Agency, which is tasked with implementing the state’s data privacy law—one of the first and most comprehensive in the U.S.

“The California Privacy Rights Act (CPRA) established the California Privacy Protection Agency (CPPA), and requires the CPPA to adopt, amend, and rescind regulations on 22 topics—including among other things, definitions, exemptions, technical specifications for opt-out preference signals, automated decision-making, cybersecurity audits and risk assessments, record keeping, and monetary thresholds for ‘business’ eligibility—to carry out the purposes and provisions of the CCPA,” according to an article on the draft regulations from the Troutman Pepper Law Firm.

The CPRA was adopted in 2018 and took effect on Jan. 1, 2020. The CRPA focuses on privacy rights for consumers, such as the right to know personal information collected by businesses and the right to delete the information and stop it from being sold, according to a news release from the CPPA.

It started as a ballot initiative to build on the California Consumer Privacy Act.

In November 2020, California voters approved Proposition 24, the CRPA, which sought to amend the California Consumer Privacy Act, ACA International previously reported. Some of the California attorney general’s responsibilities under the California Consumer Privacy Act will transition over to the agency created under the CPRA. However, the attorney general will retain the authority to go to court to enforce the CPRA. Enforcement of the CPRA will begin in 2023.

First Meeting

The CPPA is the first independent data protection authority in the U.S. Its board is meeting on the draft regulations starting on June 8.

In its first round of draft regulations, the board will consider the right to correct, where “a business may consider the ‘totality of the circumstances relating to the contested personal information’ when determining if the contested personal information is more likely than not to be accurate,” consumers’ opt-out preferences, consent principles for data collection and more, according to Troutman Pepper.

Data Reporting Best Practices

For more information on data reporting and metrics, John Bedard, owner of Bedard Law Group PC, and Jeremy Nixon, owner of Rockbridge Consulting LLC, are hosting a four-part deep-dive series into how you can become more efficient with data to make strategic decisions. Each session of this series will continue to unveil more on compliance and operations metrics and decision making.

The next webinar in the series, Data Reporting: Compliance & Operational Metrics, is from 2 to 3 p.m. CDT, June 15. The following webinar in the series will be July 27. Visit the registration page here.

If you have executive leadership updates or other member news to share with ACA, contact our communications department at [email protected]. View our publications page for more information and our news submission guidelines here.

This site uses cookies. By continuing to use our site, you are agreeing to our use of cookies. Review our Privacy Policy for more information. You may change your preferences on how cookies are stored by reviewing the settings on your browser.

The content on this site is presented for educational, general reference, and informational purposes only; is not intended to serve as legal or other advice; is not intended to be a full and exhaustive explanation of the law in any area; and should not replace the advice of your own legal counsel. By continuing to use our site, you are agreeing to the legal disclaimers in our Terms of Use. Review our Terms of Use for more information.

Friendly Reminder

Get continued access to ACA International’s wide array of resources, which can help you become more profitable, compliant and successful.

Renew your membership today to take advantage of tools you won’t find anywhere else:

  • Discounts on seminars, products, services and events
  • Resources to strengthen your compliance department
  • Industry-specific risk management products and services
  • Participation in ACA’s online community, The Hub
    Members-only website content
  • Professional development and training opportunities, and so much more!

If you have completed your renewal, please disregard this reminder.