- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-03-02T14:00:00
Three years in, the promise of the California Consumer Privacy Act (CCPA) remains unfulfilled.
The law expected to rein in the questionable data protection practices of Silicon Valley tech giants has resulted in a fine against a company just once, when cosmetics retailer Sephora was penalized $1.2 million in August for failing to comply with customer data sale notification and opt-out request requirements. Not quite the bite people were expecting.
And yet, the expanding U.S. data privacy legislation landscape is better for this approach. When four additional states—Colorado, Connecticut, Utah, and Virginia—begin enforcing their respective privacy laws this year, they have a blueprint to follow for what these kind of bills should prioritize: compliance.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Food delivery company DoorDash agreed to pay a $375,000 fine as part of a settlement announced by California Attorney General Rob Bonta addressing alleged violations of the California Consumer Privacy Act.
The Dubai International Financial Centre announced the California Consumer Privacy Act passes muster, allowing compliant California businesses to be the first permitted to transfer data with the DIFC without additional contractual measures.
Changes to the California Consumer Privacy Act expected to take effect July 1 have been stayed until March 2024 following a ruling from the Sacramento County Superior Court.
New Compliance Week Editor-In-Chief Ian Sherr shares his thoughts on where compliance is headed as businesses meet the realities of not just following the rules, but staying ahead of the pace of regulatory change at a global scale.
Top-of-mind issues addressed at Compliance Week’s Third-Party Risk Management & Oversight Summit, held June 3-4 in Atlanta, included safe deployment of artificial intelligence, assessing vendor viability and sustainability, understanding the role of procurement in risk ranking, the intersection (or lack thereof) between data privacy and cybersecurity, and many others.
Anne Morriss, co-author of “Move Fast and Fix Things,” advises compliance officers to tap into curiosity, communicativeness, and comfort with discomfort to build organizational trust, fast.
