Though the CCPA is still relatively new, the state has already passed a substantial revision in the form of the California Privacy Rights Act (CPRA). Its terms will begin going active at the beginning of 2023.
Though it was unsuccessful in defeating Prop 24, questions have been raised about the tech giant's use of its own search algorithm to put a thumb on the scale.
Comprehensive mandates like the California Privacy Rights Act (CPRA) require extensive preparation—those with processes in place before it arrives will manage it best, and perhaps even derive benefits from it.
Data privacy management will only grow more important, expensive, and complicated in the days to come for tech companies. Companies need to take a step back and understand what data they have, where it resides and how to manage that data.
When the California Privacy Rights Act (CPRA) takes effect and replaces the California Consumer Privacy Act (CCPA) on January 1, 2023, businesses will have new privacy obligations with respect to personal information of employees, applicants for employment, independent contractors, owners, directors, officers, and their beneficiaries and emergency contacts who are California residents.
In this article, learn how CPRA extends the definitions and scope of the CCPA, how businesses should think about CPRA enforcement, and what CPOs can do to help their companies ensure effective and frictionless compliance with CPRA.
The implementation of CPRA and introduction of civil penalties for theft of login information should encourage businesses to establish a strong data security posture management (DSPM) strategy. This is a key first step to protect and monitor personal information more effectively and allow consumers to control data sharing.
