On Monday, July 19, 2021 the Office of the California State Attorney General (OAG) issued a press release to summarize its first year of CCPA enforcement.

In this press release, OAG urged consumers to take advantage of their CCPA rights, such as the right to know, delete, opt-out of the sale, right to non-discrimination, and rights for minors. In addition, consumers are encouraged to use OAG’s new Consumer Privacy Interactive Tool. It assists consumers with drafting notices of noncompliance that can be sent to a business the consumer believes failed to post a “Do Not Sell My Personal Information” link. OAG stated these consumer-sent notices may start the clock on the business’s 30-day window to cure the violations. Consumers should be aware that any information imputed into the tool is collected by OAG and may be used by OAG for its own enforcement and investigative purposes.

OAG also posted examples of enforcement actions it has taken thus far.
Continue Reading CALIFORNIA STATE ATTORNEY GENERAL PROVIDES INSIGHT INTO YEAR ONE OF CCPA ENFORCEMENT

Today, Virginia Governor Ralph Northam signed the Consumer Data Protection Act (SB 1392) into law, making Virginia the second state after California to enact major privacy legislation.  Like the recently approved California Privacy Rights Act (“CPRA”), which amends the California Consumer Privacy Act, the Virginia Consumer Data Protection Act (“CDPA”) also becomes effective January 1, 2023.  But the similarities to California law don’t end there.  There is considerable overlap between the CDPA and the CCPA and CPRA, on the one hand, and between the CDPA and the European General Data Protection Regulation (“GDPR”), on the other hand.  However, there are also important distinctions between the CDPA and those laws that make it unique.  This blog post tracks some of the CDPA’s key features, and notes where they align with or depart from existing law.
Continue Reading Virginia is for Privacy, Apparently