- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-03-01T14:00:00
A bill to update California’s landmark data privacy law has only been in effect since Jan. 1, but it is already noteworthy among businesses for the robust protections it offers residents, a slew of new requirements for companies, and a certain amount of ambiguity.
The California Privacy Rights Act (CPRA), which passed as a ballot measure in 2020, expanded on the protections offered by the California Consumer Privacy Act (CCPA), the nation’s first comprehensive state data privacy law. The CPRA established the California Privacy Protection Agency (CPPA) to implement and enforce the law, a change from keeping CCPA oversight with the state attorney general.
Four other states—Colorado, Connecticut, Utah, and Virginia—have approved privacy laws taking effect this year, though none are considered as comprehensive as the California legislation.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
The California Privacy Protection Agency is probing the data privacy practices of connected vehicle manufacturers and their technologies as part of its first enforcement review.
Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act, but companies should not rest on their laurels, according to experts.
If companies haven’t started the process of coming into compliance with the California’s sweeping new privacy law, they need to begin now.
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
The U.K. Financial Conduct Authority apologized to investors in peer-to-peer investment firm Collateral for not acting swiftly enough to prevent Collateral from defrauding its customers.
