Posts about California Privacy Law by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
The U.S. lacks a federal comprehensive privacy law, but the states have sprung into action by passing broadly-applicable consumer privacy laws. Nearly 20 states have passed such laws – so about 40% of the states now have privacy laws. Are these laws any good? Short answer: No But I am glad they exist. Well, sort […]
In this video, Justin Antonipillai (Wirewheel) and I discuss the CPRA and its potential effects with Alastair Mactaggart (Californians for Consumer Privacy). Mactaggart’s referendum sparked the passage of the California Consumer Privacy Act (CCPA) in 2018. This year, he has another referendum (Proposition 24) called the Californian Privacy Rights Act (CPRA), which aims to amend […]
Professor Paul Schwartz and I recently edited the Schrems II decision for our Information Privacy Law casebook. Schrems II is short for Facebook Ireland Ltd. v. Maximillian Schrems — the second challenge by Maximillian Schrems to the transfer of data between the EU and US. In Schrems I, the European Court of Justice (CJEU) invalidated the Safe […]
Updated on March 27, 2020 — The California AG came out with a modified modified draft of the CCPA regulation on March 11, 2020. Most notably, a few of the changes in the February 7 draft were walked back. I will discuss the details below. On Friday, February 7, 2020, the California AG dropped a […]
It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments. NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective. What is notable privacy law depends upon where one […]
This cartoon depicts the travails of complying with the CCPA as it rapidly evolves. The CCPA originated when a referendum regarding consumer privacy rights was scheduled to be on the ballot in November 2018. Alastair Mactaggart, the referendum’s sponsor, offered to withdraw it if California passed a law. So, in the summer of 2018, the […]
This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR. In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA). And, there will be a new referendum on privacy law in California next year — CCPA 2.0. There’s a flurry of legislative […]
This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs). The GDPR Article 15 provides for DSARs. The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months. For more background about […]
I was recently giving a presentation about new privacy laws, and I created the infographic above to catalog the various elements that privacy laws often have. Going through this list can help to assess how complete a privacy law is. For example, the California Consumer Privacy Act (CCPA) is often compared to the General Data […]
These days, there seems to be a lot of energy around a federal comprehensive privacy law in the United States. When the US Congress started passing privacy laws in the 1970s, 80s, and 90s, it eschewed the route of passing a comprehensive privacy law, opting instead for the sectoral approach — passing a series of […]