Privacy & Cybersecurity
U.S. Privacy and Data Protection | Insights |
U.S. Privacy and Data Protection | Insights | June 2024 (State Law) Data breaches are on the rise, no matter the size or reputation of your business. If you are...
Read ArticleApril 16, 2024
Senior Associate
On March 15, 2024, the California Privacy Protection Agency released its 2024-2027 Strategic Plan, which outline the privacy agency’s values and objectives in California.
Background
The passing of the California Privacy Rights Act of 2020 (CPRA) amended and expanded the California Consumer Privacy Act of 2018 (CCPA). Included in the expansion was the establishment of the California Privacy Protection Agency (CPPA), which has been vested with the authority to implement, enforce, and raise awareness of California’s privacy protections.
As stated by the CPPA’s Executive Direct, Ashkan Soltani, the CPPA’s 2024-2027 Strategic Plan, “...is our road map for the future, with measurable goals and objectives that will further our mission to protect consumer privacy, ensure that consumers and businesses are well informed about their rights and obligations, and vigorously enforce the law.”1
Overview of The Plan
The Plan outlines four major goals, which include:
You can review the Plan here.
Advisory Notice
Alongside the release of the Plan, in early April the CPPA issued a pivotal enforcement advisory, zeroing in on the data minimization obligations delineated in the CCPA concerning consumer requests. This advisory marks the inaugural release in a series designed to foster voluntary compliance in anticipation of the agency’s forthcoming enforcement actions. The CPPA is expected to continue to focus on issues such as data minimization and consumer rights, including as related to the “sharing” and “selling” of personal information. Businesses should also take note of any comments about cybersecurity audits and programs, risk assessments, and automated decision-making technology, including for use in connection with AI and marketing.
State privacy laws continue to expand, as outlined in our periodic privacy insights. Most recently, new privacy legislation has passed in Kentucky (Consumer Data Protection Act) and Maryland (Maryland Online Data Privacy Act). Businesses should contact experienced counsel to ensure ongoing compliance with data privacy and security laws.
Kronenberger Rosenfeld, LLP regularly advises clients regarding privacy compliance and defends clients facing state or federal investigations or enforcement actions relating to privacy and advertising issues. Contact our firm using our online case submission form here.
This entry was posted on Tuesday, April 16, 2024 and is filed under Privacy and Data Protection Updates, Internet Law News.
Privacy & Cybersecurity
U.S. Privacy and Data Protection | Insights | June 2024 (State Law) Data breaches are on the rise, no matter the size or reputation of your business. If you are...
Read ArticlePrivacy & Cybersecurity
Over 50% of Americans have been a victim of cybercrime, and one of the most common ways criminals gain access to our personal information is by stealing passwords. A strong...
Read ArticlePrivacy & Cybersecurity
It is not uncommon for websites and applications to periodically update their terms of service, as it is a way for businesses to stay diligent with their ever-growing needs as...
Read ArticlePrivacy & Cybersecurity
Businesses using tracking services should take note. A class certification decision was recently granted in a lawsuit against Prudential Financial, Inc. regarding website tracking practices. Specifically, the federal court in...
Read ArticleGet legal help now
Submit your case in 3 minutes and get legal help fast.
Give us a call