In June 2022, the California Privacy Protection Agency (CPPA) Board first started discussions about revising the regulations previously released by the California Attorney General.
In October, the Board released proposed modifications to the regulations in advance of a planned Board meeting. Since then, the Board has rescheduled both Board and public meetings.
The Board seems to be getting closer to a final vote on the regulations but recently published further modifications to regulations. These modifications start a new public comment period that ends November 21st.
Recent updates to the regulations include:
- Sections clarifying how consumers can opt-out of having their data sold or shared, including via opt-out preference signals.
- Provisions providing allowances for enforcement flexibility, which are intended to assuage businesses’ concerns that the current delay in adopting final regulations will present compliance challenges.
- Allowances for businesses, service providers, and contractors to delay compliance with requests to correct archived or backup systems until the data is restored to an active system or is next accessed or used.
Businesses can submit comments regarding the current version of the regulations by:
- E-mail to: email@example.com . Submissions should include “CPPA Public Comment” in the subject line and provide comments within an attachment.
- Mail to: California Privacy Protection Agency
Attn: Brian Soublet
2101 Arena Blvd., Sacramento, CA 95834
Jackson Lewis will continue to track information related to privacy regulations and related issues. For additional information on the CPRA, please reach out to a member of our Privacy, Data, and Cybersecurity practice group.