Author

Jonathan Tam

Browsing

On March 24, the Utah Consumer Privacy Act (UCPA) was signed into law. It will take effect on December 31, 2023. UCPA generally has a narrower scope of application than the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), and the General Data Protection Regulation (GDPR). It has multiple threshold requirements for applicability, excludes Utah residents acting in an employment or commercial context from protection (like…

2022 is looking to be an unprecedented year for California companies’ privacy law obligations. The California Privacy Rights Act (CPRA) takes effect on January 1, 2023, with a twelve-month look-back that also applies to the personal data of employees and business contacts. The new California Privacy Protection Agency is preparing regulations that will sit on top of existing rules from the California Attorney General. Meanwhile, the California Legislature is enacting privacy laws even though it has not…

Whether you are creating new virtual worlds, realities or universes, the digital assets that populate them, or the infrastructure that enable individuals to interact and transact in them, there are numerous legal issues that you may have to navigate. Here are four potential pitfalls that creators of and in the metaverse should avoid. Foregoing Legally Enforceable Contracts. Relying on smart contracts, dapps and other programs exclusively expressed in code to govern transactions between parties can…

In brief The California Privacy Rights Act of 2020 (CPRA) introduces sweeping changes to the California Consumer Privacy Act of 2018 (CCPA), most of which will become operative as of 1 January 2023 with a “look back” to 1 January 2022. Some key revisions include:  A new definition of “sensitive personal information” and detailed obligations regarding the processing of sensitive personal information for non-essential purposes; A new and counterintuitive definition of “sharing” personal information and related restrictions aimed…

In the privacy world, there is no rest for the weary. In California, while most companies were just getting their programs running to address the California Consumer Privacy Act (“CCPA”), including some last minute changes to address the final version of the regulations issued in late fall 2020, the California Privacy Rights Act (“CPRA”) was officially certified on December 16, 2020 following voter approval in another privacy referendum in the November 2020 elections. CPRA sharpens…

Based on preliminary election results, Californians voted to enact the California Privacy Rights Act (“CPRA”), expanding and revising the California Consumer Privacy Act of 2018 (“CCPA”) effective January 1, 2023 with a one-year look-back to January 1, 2022 for some provisions. Companies around the world with business ties to California should start updating vendor contracts and prepare for new requirements under the statute and revised regulations to be issued by a new California Privacy Protection…

What does this mean for covered businesses? Two important privacy law developments took place last week in California. On 10 October 2019, the California Attorney General (AG) published its proposed regulations under the California Consumer Privacy Act (CCPA), and on 11 October 2019, Governor Gavin Newsom signed several bills that were passed in mid-September amending the CCPA (click here for a summary of those amendments). In this alert, we summarize some of the key requirements…