On June 1, 2020, in a surprise, last-minute filing, the office of the California Attorney General submitted the final CCPA final California Consumer Privacy Act (CCPA) proposed regulations to the California Office of Administrative Law (OAL).

What does this mean for businesses subject to the CCPA?

Under normal circumstances, the OAL would have 30 days to review the proposed regulations for procedural compliance with California’s Administrative Procedure Act; however due to the COVID-19 pandemic, this timeframe has been extended by 60 additional days. This being said, the California Attorney General requested an expedited review, asking the OAL to complete its review of the final CCPA proposed regulations within the next 30 business days, and that the proposed regulations become effective upon filing with the Secretary of State. If the OAL honors this request, the regulations could become effective as early as early July – shortly after the California Attorney General will begin enforcement of the CCPA.

As such, businesses should continue working toward compliance with the text of the CCPA, as well as the text of the final proposed CCPA regulations.

Author

Brian provides advice on global data privacy, data protection, cybersecurity, digital media, direct marketing information management, and other legal and regulatory issues. He is Chair of Baker McKenzie's Global Data Privacy and Security group.

Author

Brandon Moseberry advises global consumer, information technology, manufacturing, medical device, and financial institutions, among other clients, on a wide range of global data privacy, cybersecurity, direct marketing, social media, behavioral advertising, and related matters.

Author

Harry is a partner based in New York. He advises global organizations on privacy and data security compliance requirements. His practice is focused on delivering commercially practical advice on designing security, privacy, and technologically compliant solutions.

Author

Amy de La Lama has assisted a wide array of companies in addressing legal issues related to global privacy and data collection, data security, information technology and related restrictions on data collection and movement.

Author

Michael advises clients across various industries, including global online businesses, pharmaceutical companies, healthcare providers, manufacturers, financial institutions, sourcing providers, retail companies, and other organizations regarding the legal aspects of global privacy and data protection, data security, information technology, and related restrictions on data collection and transfer.

Author

Lothar has been helping companies in Silicon Valley and around the world take products, business models, intellectual property and contracts global for nearly 20 years. He advises on data privacy law compliance, information technology commercialization, interactive entertainment, media, copyrights, open source licensing, electronic commerce, technology transactions, sourcing and international distribution at Baker McKenzie in San Francisco & Palo Alto.

Author

Cristina focuses her practice on regulatory and transactional issues in global privacy and data protection, including data security, data breach notification, global privacy, website privacy policies, behavioral advertising, cross-border data transfers, and comprehensive compliance programs.

Author

Gary is an associate in the Chicago office. His practice focuses on regulatory and transactional issues in global privacy and data protection, including cross-border data transfers, data security, data breach notification, global privacy, website privacy policies, behavioral advertising, and comprehensive compliance programs.

Write A Comment