Suchergebnisse

Established in June 2018, the CCPA was created to remedy the lack of comprehensive privacy regulation in the state of California. The CCPA came into effect on January 1, 2020, and gives California residents the right to: Learn what personal data a business has collected about them ; Understand who this data has been disclosed to ; Find out whether their personal data has been sold to third parties, and who these third parties are ; Opt out of such data transactions, or request that the data be deleted. Many organizations that do business in the state of California must align to the provisions of the CCPA. Much like the EU's GDPR (General Data Protection Regulation), businesses that fail to comply with the CCPA will face economic penalties.--

On June 28, 2018, the California Legislature passed the nation's strictest data privacy law, the California Consumer Privacy Act of 2018 ("CCPA"). Although effective January 1, 2019, the provisions of the CCPA did not become operative until January 1, 2020. The CCPA enforces compliance obligations on any business that collects covered personal information about California residents ("Consumers") and exceeds one of three thresholds: (i) annual gross revenues of $25 million, (ii) collection of personal information for commercial purpose of 50,000 or more covered consumers, or (iii) 50% or more annual revenue from selling Consumers' personal information. This low threshold demonstrates the incompatibility of the CCPA's language with its alleged mission of consumer protection. This Comment discusses the catch-22 of the CCPA-consumer data privacy versus actual consumer protection-and suggests amendments to address this conflict. In its current state, the CCPA fails to protect the Consumer as a "complex consumer." Unlike "singular consumers"-those who purchase goods and services for personal use-complex consumers hold the simultaneous role of consumer and business-owner/business-employee. This Comment suggests the following amendments to help bridge the gap between privacy and protection: (1) Restrict the scope of applicability to exclude businesses with limited financial and/or personnel resources, i.e. small businesses; and (2) Narrow the definition of "personal information" to exclude purchasing histories or tendencies and inferences drawn from the CCPA's enumerated categories. The foregoing suggestions will provide protection for complex Consumers, resulting in actual consumer protection, while maintaining the data privacy rights provided to the Consumer by the CCPA.

The Federal Trade Commission ("FTC") is currently accepting public comments on the Children's Online Privacy Protection Act ("COPPA") as part of their review process for a pending proactive legislative update. COPPA is not due for review until 2023 but because of the "rapid technological changes that impact the online children's marketplace" the FTC believes it is imperative to reevaluate COPPA's protections now. Although decades old, COPPA has increasingly made headlines, most recently as part of the FTC's settlement with YouTube and their parent company, Google, for a $170 million fine—the largest COPPA fine ever levied—for alleged violations of the legislation. Online children's content creators, app developers, and marketers are nervous that enhancing protections under the law will negatively impact their business, particularly an advertising impact. The collection and sale of personal information can affect advertising revenue because contextual advertising that is not unique to a user earns 60% to 90% less than behavioral advertising that requires the collection and generally a transaction of personal information. However, COPPA is no longer the only privacy legislation concerning the collection of children's personal information online. The first provisions of the California Consumer Privacy Act ("CCPA") go into effect January 1, 2020 as the first US privacy law to meet the modern international trend of increasing privacy protections. The CCPA was passed in 2018 and has already served as model to Nevada's updated privacy law that went into effect October 1, 2019. But as a state law, how will CCPA interact with existing federal legislation concerning children? The CCPA applies to out-of-state merchants who do business with Californians or have a website available in the state. Since California is the world's fifth largest economy, "rather than create separate systems…companies will just apply the CCPA nationwide—especially in light of larger societal trends in favor of privacy," so consumers on a national level may be exposed to tighter privacy practices online. This post was originally published on the Cardozo Arts & Entertainment Law Journal website on November 18, 2019. The original post can be accessed via the Archived Link button above.

International audience ; This article gives a comparative view of two main pieces of data privacy legislation from, respectively, California and the EU: the CCPA and the GDPR. While there are similarities between the two, there are differences, as well, providing challenges for compliance. For example, both instruments have extraterritorial effect, however only the GDPR is truly omnibus legislation given the CCPA carveouts for areas of federal legislation and its thresholds for application. Thus, this article aims to provide certain elements to be taken into consideration in evaluating legislation on both sides of the Atlantic.

Canada must wind down and ultimately phase out the vast majority of oil, gas and coal production in the next 30 years to meet our domestic and international climate goals, CCPA Senior Researcher Hadrian Mertins-Kirkwood writes in a submission to the federal government's consultation on just transition legislation. The regulatory phase-out of coal-powered electricity generation in Canada provides a very clear model for how this can and should be done, he writes. Once a clear deadline is set, firms and workers can begin to plan for the transition into new industries. In contrast, the absence of a clear end date for oil and gas production encourages firms and workers to continue to invest into what will inevitably become stranded assets and stranded careers. "There can be no just transition without a transition," Mertins-Kirkwood writes.