I am pleased to announce that Professor Paul Schwartz and I have released new supplemental materials for our INFORMATION PRIVACY LAW casebooks: (1) edited version of Carpenter v. US (2) overview of the CCPA + state biometric privacy laws
Category: CCPA
Top 10 Privacy Law Developments of the Decade 2010-2019
It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments. NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective. What is notable privacy law depends upon where one […]
CCPA FAQ
I am pleased to announce my new CCPA FAQ that covers all the key details of the California Consumer Protection Act.
Cartoon: The Travails of CCPA Compliance
This cartoon depicts the travails of complying with the CCPA as it rapidly evolves. The CCPA originated when a referendum regarding consumer privacy rights was scheduled to be on the ballot in November 2018. Alastair Mactaggart, the referendum’s sponsor, offered to withdraw it if California passed a law. So, in the summer of 2018, the […]
Cartoon: Multi-Jurisdictional Privacy Law Compliance
This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR. In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA). And, there will be a new referendum on privacy law in California next year — CCPA 2.0. There’s a flurry of legislative […]
Entering the New Age of Privacy in the US: Learning from GDPR — An Interview with Daniel Barber
I had the chance to interview Daniel Barber, CEO and Co-founder of DataGrail. DataGrail is a purpose-built privacy management platform that ensures sustained compliance with the GDPR, CCPA, and forthcoming regulations. Their customers span a variety of industries and include Databricks, Plexus Worldwide, TRI Pointe Homes, Outreach, Intercom, and SaaStr. Daniel and I spoke about the lessons […]
Cartoon: Data Subject Access Requests Under the CCPA and GDPR
This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs). The GDPR Article 15 provides for DSARs. The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months. For more background about […]
Anatomy of a Privacy Law
I was recently giving a presentation about new privacy laws, and I created the infographic above to catalog the various elements that privacy laws often have. Going through this list can help to assess how complete a privacy law is. For example, the California Consumer Privacy Act (CCPA) is often compared to the General Data […]
Will the United States Finally Enact a Federal Comprehensive Privacy Law?
These days, there seems to be a lot of energy around a federal comprehensive privacy law in the United States. When the US Congress started passing privacy laws in the 1970s, 80s, and 90s, it eschewed the route of passing a comprehensive privacy law, opting instead for the sectoral approach — passing a series of […]
Cartoon: The CCPA, a Federal Comprehensive Privacy Law, and Preemption
For years, many policymakers, industry representatives, and commentators were opposed to a comprehensive federal privacy law. They typical federalism arguments were often trotted out. Then, in 2018, California passed the California Consumer Privacy Act (CCPA). Now, there seems to be a chorus for a comprehensive federal privacy law with preemption. I’ll be posting soon about […]