PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Notable Changes in the Modified Draft CCPA Regulation

CCPA Regulation - TeachPrivacy CCPA Training 01

Updated on March 27, 2020 — The California AG came out with a modified modified draft of the CCPA regulation on March 11, 2020.  Most notably, a few of the changes in the February 7 draft were walked back.  I will discuss the details below. 

On Friday, February 7, 2020, the California AG dropped a new modified draft CCPA regulation.  Comments are due by February 24, 2020 at 5 PM Pacific Time.

Here are some notable changes:

(1) IP Addresses Can Somehow Escape from Being Personal Information 

New text of the regulation:

§ 999.302. Guidance Regarding the Interpretation of CCPA Definitions
(a) Whether information is “personal information,” as that term is defined in Civil Code section 1798.140, subdivision (o), depends on whether the business maintains information in a manner that “identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.” For example, if a business collects the IP addresses of visitors to its website but does not link the IP address to any particular consumer or household, and could not reasonably link the IP address with a particular consumer or household, then the IP address would not be “personal information.”

This last sentence about IP addresses was stricken in the new modified CCPA regulation of March 11.

Continue Reading

New Supplemental Materials for INFORMATION PRIVACY LAW Casebooks


I am pleased to announce that Professor Paul Schwartz and I have released new supplemental materials for our INFORMATION PRIVACY LAW casebooks:

(1) edited version of Carpenter v. US

(2) overview of the CCPA + state biometric privacy laws

Continue Reading

Top 10 Privacy Law Developments of the Decade 2010-2019

Top 10 Privacy Law Developments of the Decade 2010-2019 02

It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments.

NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective.  What is notable privacy law depends upon where one is situated.  For example, if one is from a small country, that country’s developments are quite notable even if not well-known on a worldwide stage.

Continue Reading