Logo
Media Centre

The CCPA Regulations Have Been Approved and are Effective Immediately

Ariel Yosefi

19 August 2020

19/08/2020
Technology & Regulation in the Spotlight

Two months after their submission, on August 14, 2020, the California Office of Administrative Law has approved the final regulations (“Regulations“) for the California Consumer Privacy Act (“CCPA“). The Regulations are effective immediately while the enforcement under the CCPA itself already began on 1 July 2020.

Several updates to provisions in the final draft Regulation were eventually withdrawn from the final Regulations for further consideration, as detailed below:

  • Notice at collection of personal information: Section 999.305(a)(5) which required companies to obtain explicit consent prior to use of consumers’ personal information for a purpose materially different than previously disclosed. However, in such cases a new notice would still have to be provided at the moment of collection.

 

  • Authorized agents: Section 999.326(c) which permitted a business to deny “requests to know” and “requests to delete” from authorized agents in cases where the agents do not submit proof of their authorization to act on the consumer’s behalf. The previous language requiring authorized agents to provide a written permission from the authorizing consumer (as opposed to “proof”) – remains in place.

 

  • Notice of right to opt-out of sale of personal information: Section 999.306(b)(2) which required companies whose main medium of interaction with consumers is offline to provide a notice by offline methods. Therefore, a notice on a website should suffice, however, offline methods of notices would still be required for companies that do not operate a website.

 

  • Requests to opt-out: Section 999.315(c) which required that the method for submitting “requests to opt-out”, as offered by the business, to include minimal steps and be easy for consumers. The provision also prohibited companies from using methods that are designed “with the purpose or has the substantial effect of subverting or impairing a consumer’s decision to opt-out”.

 

  • Opt-out request links: in addition to the abovementioned withdrawn provisions, the words “Do Not Sell My Info’” have been deleted throughout the Regulations to align with the CCPA. Therefore, companies would have to use the phrasing “Do Not Sell My Personal Information” in their opt-out request link on their websites.

 

Earlier last year we published our CCPA Compliance Playbook to assist in preparing for the recently approved Regulations.

Please feel free to contact us if you have any questions regarding the effect and implications of the CCPA, and how the new Regulations may affect your compliance efforts.

Kind regards,

Ariel Yosefi, Partner

Co-Head | Technology & Regulation Department

Herzog Fox & Neeman

Related Practice Areas

Related Lawyers

More news

Nebraska is the 17th US State to Adopt Comprehensive Data Protection Legislation
Maryland is the 16th US State to Pass Comprehensive Consumer Privacy Legislation
Kentucky is the 15th US State to Adopt Comprehensive Data Protection Legislation
JOIN OUR
Newsletter

    © 2020, All rights reserved, Herzog Law
    Site by Gootte

    The information contained in this web site is provided for informational purposes only and should not be construed as legal advice on any subject matter and should not be relied upon as such. Herzog accepts no responsibility for any consequences whatsoever arising from use of the information contained in this web site. The accessing of information contained in this web site shall under no circumstances be considered as creating an attorney-client relationship between Herzog and any party accessing this web site. Contacting through email any lawyer named in this web site or sending information without prior agreement of Herzog shall not be construed as automatically creating an attorney-client relationship between Herzog and the party sending an email or information. The material contained in this web site has been created by and remains the property of Herzog. No reproduction, transmission, publication or any other form of dissemination shall be permitted unless the prior written consent of Herzog has been obtained. This web site may contain links to other web sites operated by third parties. Herzog does not sponsor, approve or endorse the content of any such web site and is not responsible for the materials appearing in such sites.

    Search by
    Search by +

    Search