CCPA Amendments: Key Changes You Need to Know
The Governor of California signed five amendment bills under the CCPA into law on October 11, 2019.
The Governor of California signed five amendment bills under the CCPA into law on October 11, 2019.
Consequently, businesses will need to incorporate these amendments in their compliance efforts ahead of the January 1, 2020 deadline.
This move comes immediately after California’s Attorney General drafted regulations a day earlier and intends to hold public hearings in four cities across the state on December 6, 2019, to get the public's views on the new Act. Interested parties will be allowed to air their views about CCPA at the town hall meetings, as well as via postal mail and e-mail.
The Attorney General’s draft regulations are proposed rules focused on providing specific guidance on how businesses can comply with CCPA. On the other hand, the amendments signed into by the Governor will replace or reinforce the legal text of the Act.
Here are the summaries of the amendments that the Governor of California signed into law;
Assembly Bill 1564 – Consumer Request for Disclosure Methods
The CCPA requires businesses to provide at least two alternatives for consumers to submit information and deletion requests, which comprise a toll-free phone number and an e-mail address.
Assembly Bill 1355 – Clarifying Amendments and Exemptions
This amendment excludes de-identified or cumulative consumer data from being defined as personal information. Additionally, it enacts a 12-month exemption for specific B2B communication or transactions an expands the existing exemption for compliance with the national Fair Credit Reporting Act (FCRA).
Assembly Bill 1202 – Data Broker Registration
This regulation requires individuals or businesses specializing in data brokerage to seek authorization from the California Attorney General.
Assembly Bill 1146 – Vehicle Warranties and Recalls
Under CCPA, vehicle information, including repairs, warranties, and recalls, are exempted from the right of deletion.
Assembly Bill 874 – Publicly Available Information
This amendment clarifies the definition of ‘publicly available’ to denote data that is legally made available from federal, state, or local government databases. It also explains that the description of ‘personal information’ does not comprise de-identified or aggregate consumer data.
Assembly Bill 25 – Employee Exemption
This law modifies the CCPA such that it does not apply to the collection of personal data from job seekers, employees, entrepreneurs, directors, officers, medical employees, and contractors for 12 months.
Assembly Bill 1130 - Personal Information; Data Breaches
It revises the definition of personal information and permits an individual or a business that is obligated to issue a safety breach notification to include notification for biometric information.
Secure Privacy’s solutions can help you comply with CCPA and build this trust with your customers. These solutions are easy to use and integrate with any website seamlessly. If you have any additional questions regarding these solutions, check out our detailed CCPA guide on how to become CCPA compliant or book a call to speak to an expert.
![How to Use Google Consent Mode v2 Outside the EEA and the UK](https://images.prismic.io/secure-privacy/Zp5NZh5LeNNTxWk3_HowtoUseGoogleConsentModev2byRegion.png?ixlib=gatsbyFP&auto=format%2Ccompress&fit=max&q=45)
How to Use Google Consent Mode v2 Outside the EEA and the UK
Discover why using Google Consent Mode v2 outside the EEA and the UK might be unnecessary. Learn about compliance requirements, the impact on data collection, and how to optimize your approach based on regional privacy laws.
- Europe GDPR
![The Impact of Special Purpose 3: Latest Amendments to the IAB Transparency and Consent Framework (TCF) V2.2 Policies by IAB Europe](https://images.prismic.io/secure-privacy/ZpUC_R5LeNNTxJ7o_TheImpactofSpecialPurpose3_LatestAmendmentstotheIABTransparencyandConsentFramework-TCF-V2.2PoliciesbyIABEurope.png?ixlib=gatsbyFP&auto=format%2Ccompress&fit=max&q=45)
The Impact of Special Purpose 3: Latest Amendments to the IAB Transparency and Consent Framework (TCF) V2.2 Policies by IAB Europe
Discover how the latest amendments to the IAB Transparency and Consent Framework (TCF) V2.2, particularly the introduction of Special Purpose 3 (SP3), are transforming user consent and transparency in the digital advertising ecosystem. Learn about the new requirements for protecting children's privacy, preventing dark patterns, and ensuring explicit consumer consent.
- Europe GDPR
![Understanding the Difference Between a PIA and DPIA in GDPR Privacy Risk Assessments](https://images.prismic.io/secure-privacy/ZonRuR5LeNNTw2___UnderstandingtheDifferenceBetweenaPIAandDPIAinGDPRPrivacyRiskAssessments.png?ixlib=gatsbyFP&auto=format%2Ccompress&fit=max&q=45)
Understanding the Difference Between a PIA and DPIA in GDPR Privacy Risk Assessments
Learn the key differences between Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs). Understand their importance in ensuring compliance with privacy laws and best practices for mitigating privacy risks.
- Europe GDPR
- Data Protection