california privacy law Archives

In California Privacy Law

California moves to disable vehicular data access used in domestic abuse

April 5, 2024 by Cynthia Cole and Helena Engfeldt 2 Mins Read

Background On February 28, 2024, California State Senator Dave Min proposed Senate Bill (SB) 1394, a new measure aimed at preventing vehicular data from being used to perpetuate domestic violence. Under the proposal, automobile manufacturers would be required to disable access to remote vehicle technologies upon the request of a victim of domestic violence. The bill arrives amid increasing reports of incidents of domestic abusers exploiting vehicular location tracking features to stalk and harass victims…

In Cybersecurity

California’s CPPA moves into 2024 with an ambitious agenda on Cybersecurity Audits, Risk Assessments, and Automated Decision-Making Technology

December 14, 2023 by Cynthia Cole, Justine Phillips, Grayson Myers and Garrett Stallins 3 Mins Read

The California Privacy Protection Agency (“CPPA”) held a public board meeting on December 8, 2023. As discussed in our previous article, the CPPA is in the process of preparing Draft Regulations on Cybersecurity Audits, Risk Assessments and Automated Decision-Making Technology. The Rules Subcommittee provided updates on these regulations, and Board members provided their feedback on the drafts. Key Takeaways Regarding CCPA Cybersecurity Audit Regulations The Cybersecurity Audit Regulations would require businesses “whose processing of consumers’…

In California Privacy Law

Nevada and Washington Consumer Health Privacy Laws Operative in March – Top 6 Things To Do Now

December 13, 2023 by Helena Engfeldt and Michelle Shin 5 Mins Read

If your organization does business across the U.S. and collects consumer health data (broadly defined, health inferences generated from non-health data count), compliance with U.S. state consumer health privacy laws is just around the corner. Consumer health privacy laws in Nevada (Senate Bill 370) and Washington (the My Health My Data Act) become fully operative for regulated entities on March 31, 2024. Requirements specific to consumer health data are already operative in Connecticut. Here are…

In California Privacy Law

Reminder: Large Social Media Companies Must Submit Their First Terms of Service Report to California Attorney General by January 1, 2024 or Face $15k Fines Per Day

December 1, 2023 by Jonathan Tam 6 Mins Read

Chapter 22.8 of the California Business and Professions Code imposes requirements on social media companies with annual gross revenues of $100 million or more to submit “terms of service reports” to the California Attorney General, with the first report due by January 1, 2024. The statute is currently the subject of a constitutional challenge, but covered companies should not delay preparing reports in case the lawsuit drags on or is unsuccessful. The law applies to…