CCPA Amendments: Key Changes You Need to Know

The Governor of California signed five amendment bills under the CCPA into law on October 11, 2019.

Consequently, businesses will need to incorporate these amendments in their compliance efforts ahead of the January 1, 2020 deadline.

This move comes immediately after California’s Attorney General drafted regulations a day earlier and intends to hold public hearings in four cities across the state on December 6, 2019, to get the public's views on the new Act. Interested parties will be allowed to air their views about CCPA at the town hall meetings, as well as via postal mail and e-mail. 

The Attorney General’s draft regulations are proposed rules focused on providing specific guidance on how businesses can comply with CCPA. On the other hand, the amendments signed into by the Governor will replace or reinforce the legal text of the Act.

Here are the summaries of the amendments that the Governor of California signed into law;

Assembly Bill 1564 – Consumer Request for Disclosure Methods

The CCPA requires businesses to provide at least two alternatives for consumers to submit information and deletion requests, which comprise a toll-free phone number and an e-mail address.

Assembly Bill 1355 – Clarifying Amendments and Exemptions

This amendment excludes de-identified or cumulative consumer data from being defined as personal information. Additionally, it enacts a 12-month exemption for specific B2B communication or transactions an expands the existing exemption for compliance with the national Fair Credit Reporting Act (FCRA).

Assembly Bill 1202 – Data Broker Registration

This regulation requires individuals or businesses specializing in data brokerage to seek authorization from the California Attorney General.

Assembly Bill 1146 – Vehicle Warranties and Recalls

Under CCPA, vehicle information, including repairs, warranties, and recalls, are exempted from the right of deletion.

Assembly Bill 874 – Publicly Available Information

This amendment clarifies the definition of ‘publicly available’ to denote data that is legally made available from federal, state, or local government databases. It also explains that the description of ‘personal information’ does not comprise de-identified or aggregate consumer data.

Assembly Bill 25 – Employee Exemption

This law modifies the CCPA such that it does not apply to the collection of personal data from job seekers, employees, entrepreneurs, directors, officers, medical employees, and contractors for 12 months.

Assembly Bill 1130 - Personal Information; Data Breaches

It revises the definition of personal information and permits an individual or a business that is obligated to issue a safety breach notification to include notification for biometric information.

 Secure Privacy’s solutions can help you comply with CCPA and build this trust with your customers. These solutions are easy to use and integrate with any website seamlessly. If you have any additional questions regarding these solutions, check out our detailed CCPA guide on how to become CCPA compliant or book a call to speak to an expert.