CPRA: California 2020 Ballot Initiative Means Potential Changes to CCPA
Back in May, I wrote on the Mentor Blog about California’s ballot initiative — the California Privacy Rights Act (CPRA). And, earlier this summer, I also wrote about the release of final CCPA regulations as California’s Attorney General began enforcement of the regulations on July 1. Now, as has been widely reported, the CPRA initiative has qualified to be on California ballots in November. A Sidley blog says the initiative has a strong chance of passing and provides an overview of what this might mean:
In the short term, the CPRA will help businesses by preserving through 2022 the employee and business-to-business exemptions that are otherwise scheduled to sunset on December 31, 2020. Some of the potential changes, among others, relate to new duties imposed on businesses that collect personal information and their service providers, new rights for sensitive personal information and expansion of data breach liability to include email addresses with passwords.
The blog notes that the CPRA would create a requirement for annual cybersecurity audits and regular risk assessments for high risk data processors – Businesses whose processing of consumers’ personal information “presents a significant risk to consumers’ privacy or security” would be required to perform annual cybersecurity audits and submit to the new California data protection agency, “on a regular basis,” risk assessments weighing the benefits of processing personal information to the business, the consumer, other stakeholders, and the public, against the potential risks to the consumer.
Presuming the initiative passes, Sidley’s blog suggests company compliance efforts will begin soon thereafter — while most of the CPRA would not go into effect until January 2023, obligations of businesses with respect to the personal information covered by the amended CCPA would relate to personal information collected beginning in January 2022.
-Lynn Jokela, TheCorporateCounsel.net August 7, 2020
Want to keep reading?
Great. Enter your email address and gain instant access to this article