Sat. May 21st, 2022

    Editor’s Note: With the increasing focus on compliance requirements for companies doing business in California based on the California Consumer Privacy Act of 2018 (CCPA), the following four article extracts are provided to help legal, business, and information technology professionals better understand and prepare for the requirements and risks associated with the CCPA when it becomes effective on January 1, 2020.

    On The Road Again: Practical First Steps On Your Way to Compliance with the CCPA

    Extract from an article by Odia Kagan as published by Fox Rothschild

    The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, will take effect in 2020. The law includes detailed disclosure requirements, provides individuals with extensive rights to control how their personal information is used, imposes statutory fines and creates a private right of action.  It is expected to dramatically alter the way U.S.-based companies process data.

    Yes – it is true that CCPA will only go into effect in 2020, and some changes in the law are expected.

    However, CCPA also has a “12-month look back” which requires companies to be able to provide information to consumers about information collected or disclosed in the immediately preceding 12 months. Couple that with some “behind the scenes” preparation which will likely be necessary whatever form the law takes — to allow you to do expanded disclosure or to address the consumer rights of access or deletion — and you have good reasons not to take a “wait and see” approach.

    Here are the top five steps you can start taking already to prepare for CCPA.

    Read the complete article at On The Road Again: Practical First Steps On Your Way to Compliance with the CCPA

    CCPA – What is it and What Does Your Business Need to Know?

    Extract from an article by Deborah George as published by Robinson+Cole

    One of the most critical facts to know is that the CCPA not only applies to consumers but also applies to for-profit businesses that do business in the state of California.  A business is defined as one that collects consumers’ personal information, has more than $25 million in revenue, alone or in combination, and annually buys, receives for the business’s commercial purposes, sells or shares for commercial purposes, the personal information of 50,000 or more consumers, households or devices or derives 50% of its annual revenues from selling a consumer’s personal information. Cal. Civ. Code §1798.140. A key fact to note from this definition is that the CCPA applies to any business does that “does business in the State of California” not just businesses residing or incorporated in California.

    The CCPA is a consumer-directed law that empowers a consumer to determine how a business can store, retain and use their personal information. The CCPA gives consumers a set of rights about the personal information that businesses collect about them, and the CCPA then directs those businesses that possess that personal information what the business can or must do with a consumer’s personal information. It’s quite empowering for a consumer to be able to tell a big corporation: I don’t want you to sell my personal information or I want you to delete my personal information. The rights of consumers and the obligations of the businesses are distinct, but intertwined in this law: on one side are the rights of consumers, and on the other, the obligations of businesses to comply with the directions of their customers and consumers.

    Read the complete article at CCPA – What is it and What Does Your Business Need to Know?

    What Marketers Need to Understand About Fines Under The New California Privacy Act

    Extract from an article by Sam Bocetta as published on Marketing Land

    It did not take long for the Golden State to borrow a page from the European Union’s consumer privacy rule book. And because of this, marketers need to take note about what’s happening with changes in data protection right now.

    It was only a few months after Europe adopted the General Data Protection Regulation in March 2018, that California Governor Jerry Brown approved Assembly Bill 375, commonly referred to as the California Consumer Privacy Act.

    These two jurisdictions are more than 5,600 miles apart, but their views on consumer privacy happen to be very similar.

    In early February 2019, many GDPR skeptics in the United States started seeing messages in their email inboxes about privacy policy updates. Since such notifications tend to be routinely ignored, there is a chance that your average citizen is still unaware of the GDPR reach beyond the EU.

    The reason brands suddenly revised their privacy policies earlier this year can be traced to a massive fined imposed upon an American internet advertising giant: Google.

    Read the complete article at What Marketers Need to Understand About Fines Under The New California Privacy Act

    If You’re Not First, You’re Last: Risks of Delaying CCPA Compliance

    Extract from an article by Kevin Kish as published by Security Boulevard

    The CCPA mandates that organizations provide consumers with an accurate look-back at the data that was collected, sold, or disclosed during the business relationship or service delivery. Organizations should avoid the temptation to rely solely on existing processes resulting from the GDPR without further analysis or not preparing at all. Prior to the effective date in January 2020, businesses should take the opportunity to develop a comprehensive data inventory to ensure that all relevant personal information assets are identified in accordance with CCPA’s new requirements. At the same time, it’s important that this process be able to scale with business operations to ensure both internal and external visibility and consistency while data collection, sharing, and sales operations change. Due to the increased focus on data privacy and the implications of the regulatory environment, early preparation will pay off in the form of a well-trusting customer base and, through the intrinsic, marketplace advantage offered to those who establish themselves as a reputable, privacy-conscious business partner.

    Read the complete article at If You’re Not First, You’re Last: Risks of Delaying CCPA Compliance

    Additional Reading

    Source: ComplexDiscovery

     

    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Challenged by Leaky Forms? A Study of Email and Password Exfiltration

    The report "Leaky Forms: A Study of Email and Password Exfiltration...

    Automating Incident Response? Considering Artificial Intelligence in Cyberspace

    According to the recent research report from the CCDCOE on Automated/Autonomous...

    Russian Cyberattack Activity in Ukraine: A Special Report from Microsoft

    According to an April 27, 2022 report from Microsoft's Digital Security...

    Informing Business Decisions? Cybersecurity Market Analysis Framework from ENISA

    The ENISA Cybersecurity Market Analysis Framework is designed to improve market...

    Smarsh to Acquire TeleMessage

    “As in many other service industries, mobile communication is ubiquitous in...

    A Milestone Quarter? DISCO Announces First Quarter 2022 Financial Results

    According to Kiwi Camara, Co-Founder and CEO of DISCO, “This quarter...

    New from Nuix? Macquarie Australia Conference 2022 Presentation and Trading Update

    From a rebalanced leadership team to three concurrent horizons to drive...

    Strong Growth? KLDiscovery Inc. Announces First Quarter 2022 Financial Results

    According to Christopher Weiler, CEO of KLDiscovery Inc, “The first quarter...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for May 2022

    From eDiscovery pricing and buyers to cyberattacks and incident response, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for April 2022

    From cyber attack statistics and frameworks to eDiscovery investments and providers,...

    Five Great Reads on Cyber, Data, and Legal Discovery for March 2022

    From new privacy frameworks and disinformation to business confidence and the...

    Five Great Reads on Cyber, Data, and Legal Discovery for February 2022

    From biometric recognition and artificial intelligence to data embassies and processing...

    Feeding the Frenzy? Summer 2022 eDiscovery Pricing Survey Results

    Initiated in the winter of 2019 and conducted eight times with...

    Surge or Splurge? Eighteen Observations on eDiscovery Business Confidence in the Spring of 2022

    In the spring of 2022, 63.5% of survey respondents felt that...

    Types and Shadows? Issues Impacting eDiscovery Business Performance: A Spring 2022 Overview

    In the spring of 2022, 36.5% of respondents viewed increasing types...

    The Tide is In? eDiscovery Operational Metrics in the Spring of 2022

    In the spring of 2022, 46 eDiscovery Business Confidence Survey participants...