First California Consumer Privacy Act Enforcement Action Settlement and Sunsetting of Employee Data Exemptions Signal Significant Compliance Challenges Ahead
In this article, the authors discuss several recent privacy-related developments in California, and explore their implications for businesses.
In a busy couple of weeks for California privacy, regulatory priorities came into sharp focus when California Attorney General Rob Bonta (“Attorney General”) announced the first settlement of a California Consumer Privacy Act (“CCPA”) enforcement case with Sephora, Inc. (“Sephora”) relating to its purported failure to comply with CCPA requirements regarding “sales” of personal information.
The Attorney General also provided additional summaries of other enforcement case examples where violations had been cured prior to further enforcement action. Additionally, the California Legislature failed to pass bills extending the partial exemptions for employee personal information under the CCPA, creating additional compliance burdens for businesses with employees in California.
To read the full article, please click here.
“First California Consumer Privacy Act Enforcement Action Settlement and Sunsetting of Employee Data Exemptions Signal Significant Compliance Challenges Ahead,” by Alex C. Nisenbaum, Sharon R. Klein, Ana Tagvoryan, and Karen H. Shin was published in the November–December 2022 of Pratt’s Privacy & Cybersecurity Law Report (Vol. 8, No. 9), an A.S. Pratt Publication, LexisNexis. Reprinted with permission.
This article was first published as a Blank Rome Privacy, Security & Data Protection client advisory in September 2022.