Category Archives: CCPA

Recently signed into law by California Governor Gavin Newsom on September 15, 2022, the California Age-Appropriate Design Code Act (“AADC”) changes the playing field for certain businesses that provide online services, products, or features accessible to children under the age of 18. Although California models its new law after the Children’s Code passed by the UK, the AADC is first state law of its kind in the US.… More

As states have continued to debate and pass new comprehensive privacy statutes – such as those in Virginia and Colorado – a common refrain from business leaders is the need for a comprehensive federal privacy statute that will lessen the need to comply with a patchwork of state laws.  Indeed, the absence of serious privacy protections at the federal level – something akin to PIPEDA in Canada or the GDPR in Europe – has long spurred states to act as online data gathering and brokering has grown and advanced well beyond what most extant federal law contemplates. … More

On July 7, 2021, Governor Jared Polis signed into law the Colorado Privacy Act (CPA), making Colorado the most recent state to enact comprehensive privacy legislation.  While the CPA does not take effect until July 1, 2023, it contains robust provisions that businesses will need some time to prepare for.

The CPA draws many principles from and has a similar framework to the California Consumer Privacy Act (CCPA),… More

California voters on Election Day passed the California Privacy Rights Act (CPRA), an update and partial overhaul to the California Consumer Privacy Act (CCPA), the landmark 2018 privacy law.  The new CPRA strengthens existing privacy protections, particularly for certain categories of sensitive personal information, and creates an independent enforcement agency.  However, privacy advocates like the ACLU of Northern California and the Electronic Frontier Foundation came out against or refused to support the measure,… More

Companies that have already done the work to become GDPR-compliant are a step ahead, but all companies that collect California users’ personal information or just do business in California should check to see whether they are obligated to comply with the CCPA. Foley Hoag’s Privacy & Data Security practice group has more than a decade of experience and deep knowledge in domestic and international privacy law. Our CCPA team, with lawyers admitted to practice in California,… More

Terms of service and privacy policies form the primary legal agreement between your organization and anyone who visits your website, downloads your app, or subscribes to your platform. These agreements are ubiquitous, yet often overlooked by start-ups and established companies alike. And with new privacy laws like GDPR and CCPA affecting businesses globally, understanding how these laws affect your policies and terms is crucial for doing business.

Foley Hoag attorneys Christopher Hart and Jessica Turko present a webinar discussing how companies can mitigate risk when drafting terms of service and privacy policies.… More

That sixth sense you have that someone is listening – could it be your smart speaker?  There’s a chance the answer is yes, even when you don’t ask it to.  A new study from Northeastern University finds that smart speakers often accidentally activate and record conversations, although just how often (sometimes as often as 19 times a day) and for how long (sometimes recording for 43 seconds) depends on the device. … More

The new decade has barely begun, and the world of privacy already seems set to change quickly.  Here is a brief overview:

New Laws In Effect as of January 1

On January 1, 2020, new data breach notification requirements went into effect in three states:  Texas, Oregon, and Illinois.  Each law has a unique twist on privacy-related notifications (and thus places additional burdens on businesses):

• Texas places a definite time limit on notifying individuals after a breach occurs:  60 days (and not “as quickly as possible”).…

More

As you may already be aware, the CCPA goes into effect on January 1, 2020. California’s Attorney General has issued draft regulations under the CCPA and final regulations are expected to be issued shortly. Below are some frequently asked questions and answers about the CCPA as a short guide to assist you with understanding what the CCPA may require.

What is the CCPA?

It is the new California Consumer Privacy Act (CCPA) that creates new “consumer” rights relating to the access to,… More

Editors’ Note:  This is the first in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year.  Up next:  a look at trends in the energy space.

Lists of “top” things used to come in a standard size of 10: The 10 Commandments, 10 Things I Hate About You, David Letterman’s Top 10,… More

The passage of the California Consumer Privacy Act (CCPA) was a seismic event in U.S. data privacy law. CCPA has an expansive, rights-based approach to privacy, with national and international ramifications.

Foley Hoag attorneys Colin Zick, Chris Hart, Yoni Bard and Scott Bloomberg present a second podcast discussing the latest developments with the CCPA. Click here to listen to part one.… More

October brought three new developments to California’s comprehensive data privacy law, the California Consumer Privacy Act (“CCPA” or “Act”).  First, the state enacted a series of amendments to the CCPA that both clarify ambiguities and create new exceptions.    Second, we learned that the organization whose 2018 ballot initiative pushed California to enact the CCPA is planning to introduce another data privacy ballot initiative in 2020.  Finally, California’s Attorney General published draft regulations for notice and comment.… More

Attorneys Colin Zick and Chris Hart recently led a Q&A discussion for MassTLC members on new trends in data privacy. Click here to download the slides. Topics included: recent GDPR enforcement actions, the California Consumer Privacy Act, recent changes to the Massachusetts data breach statute and more. More

New Trends in Data Privacy: GDPR, CCPA and Beyond

Changes to data privacy laws and regulations continue to happen at a rapid clip. Join Foley Hoag’s Colin Zick and Chris Hart for a question and answer discussion about recent GDPR enforcement actions, the latest status on the California Consumer Privacy Act, recent changes to the Massachusetts data breach statute, and what other changes are in store nationally and internationally in the world of privacy and data security.… More

The passage of the California Consumer Privacy Act (CCPA) was a seismic event in U.S. data privacy law. CCPA has an expansive, rights-based approach to privacy, with national and international ramifications.

Foley Hoag attorneys Colin Zick, Chris Hart, Christina Hioureas, Yoni Bard and Scott Bloomberg present a podcast discussing what you need to know about the CCPA.… More

The California Consumer Privacy Act (“CCPA”) has been lauded as a “huge step forward” that could set a standard for other states and the federal government that enact increasingly robust data privacy legislation.  Indeed, some federal lawmakers view the law so favorably that they do not want future federal legislation to replace it. In the words of Rep. Jackie Speier (D-Calif.) to Politico: “California’s bill is the best.… More