Effective as of January 1, 2020, the California Consumer Privacy Act (the “CCPA”) grants consumers a limited right to sue if they become the victim of a data breach. For organizations that fail to fulfill the new law’s obligations, the stakes will be high. Is your organization prepared?
California’s Consumer Privacy Act (the “CCPA”) was inspired by some of the same principles as the European Union’s General Data Protection Regulation (the “GDPR”). If your business has done work to comply with the GDPR—such as implementing certain processes—that work likely will benefit your CCPA compliance efforts, but it will not be enough, by itself, to comply with the CCPA. MoFo Privacy + Data Security Partner Chris Lyon explains this in the final episode of our “Cracking the CCPA Code” series. #CrackingtheCCPACode
The CCPA imposes special requirements on businesses that want to sell the personal information of individuals 16-years-old and younger. These requirements apply only if the business has “actual knowledge” of the individual’s age. But the CCPA doesn’t define “actual knowledge,” so where should businesses look for guidance? MoFo Privacy + Data Security partner Julie O’Neill explains in a new episode of our “Cracking the CCPA Code” series. #CrackingtheCCPACode
The CCPA allows consumers whose information was accessed without their authorization to sue the business that facilitated the breach by failing to adopt appropriate security measures. But the act grants such causes of action only when certain kinds of personal information are disclosed to unauthorized parties as a result of specific types of data security events. MoFo Privacy + Data Security partner Purvi G. Patel explains in a new episode of our “Cracking the CCPA Code” series. #CrackingtheCCPACode
The CCPA provides consumers with the right to request a business to disclose information that it has collected about them. How must businesses make it possible for consumers to make these requests? Why must businesses explore practical, privacy-protective methods for verifying these requests? What may a business do with information it collects through those verification processes? MoFo Privacy + Data Security partner Purvi G. Patel explains in a new episode of our “Cracking the CCPA Code” series. #CrackingtheCCPACode
The Gramm-Leach-Bliley Act (GLBA) exception of the California Consumer Privacy Act (CCPA) is particularly relevant to financial institutions, but it doesn’t exempt financial institutions from the CCPA’s privacy obligations entirely. Moreover, the GLBA exception does not prohibit a person or entity from pursuing the private cause of action established by the CCPA for certain data security events, even if the data involved is subject to the GLBA. MoFo Privacy + Data Security Partner Nate Taylor explains in a new episode of our “Cracking the CCPA Code” series. #CrackingtheCCPACode
The CCPA provides various contract provisions that can be added to service provider agreements in order to determine the treatment of the service providers under the law. But amending service provider agreements is burdensome, and is it really necessary? What benefits are afforded by amending service provider agreements under the CCPA? MoFo Privacy + Data Security Partner Kristen Mathews explains in the latest episode of our “Cracking the CCPA Code” video series. #CrackingtheCCPACode
The CCPA requires covered businesses to make certain disclosures about how they handle California residents’ personal information. Exactly what information must those disclosures contain? Where must the disclosures appear? How often must the disclosures be updated? MoFo Privacy + Data Security Partner Nate Taylor has the answers in a new episode of our “Cracking the CCPA Code” series. #CrackingtheCCPACode
The CCPA requires organizations to honor individuals’ requests to opt out of the sale of their information. But the definition of “sell” under the CCPA is broader than you might think. MoFo Privacy & Data Security Partner Julie O’Neill explains in the latest episode of our “Cracking the CCPA Code” video series. #CrackingtheCCPACode
MoFo Partner Miriam Wugmeister explains the specific actions organizations must take to comply with the CCPA’s five core obligations, in the latest episode of our “Cracking the CCPA Code” video series. Watch now to learn more. #CrackingtheCCPACode
As its name implies, the CCPA obligates organizations to take certain actions to safeguard the privacy of “consumers”—a group that the Act defines even more broadly than you might expect. Chris Lyon, a partner in MoFo’s Privacy & Data Security group, explains in the latest episode of our “Cracking the CCPA Code” video series. Watch now to learn more. #CrackingtheCCPACode
In this episode of our Cracking the CCPA Code video series, MoFo Partner Miriam Wugmeister sheds light on the differences between the CCPA and the Nevada Privacy Law. Watch now to learn more. #CrackingtheCCPACode
In this episode of our Cracking the CCPA Code video series, MoFo Partner Kristen Mathews outlines the three main challenges that clients face as a result of the CCPA. Watch now to learn more. #CrackingtheCCPACode
Disclaimer
Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.
