In January 2020, the California Consumer Privacy Act (CCPA) was enacted and imposed sweeping data privacy laws on businesses unlike anything seen before. Last year, the California Privacy Protection Agency (CPPA) adopted regulations to implement the Consumer Rights Act of 2020 (CPRA), which made changes to the existing CCPA regulations and added more protections for consumers. These new regulations: (1) update existing CCPA regulations to harmonize them with CPRA amendments; (2) operationalize new rights and concepts introduced by the CPRA to provide clarity and specificity to implement the law; and (3) reorganize and consolidate requirements set forth in the law to make the regulations easier to follow and understand.
During the CGAEF’s March webinar, Attorney Peter Stockburger, San Diego managing partner of Dentons, explored requirements of the CCPA/CPRA to ensure companies are prepared and in compliance. It is imperative that grocers who operate a public-facing website or engage in e-commerce are familiar with these regulations. The presentation reviewed the following:
- Substantive requirements around consent, privacy notices, loyalty program and consumer rights
- When the use of digital advertising and analytics cross into the territory of “sale” or “sharing” personal information
- Current regulatory environment including enforcement trends by the California Attorney General’s office
- Future regulations and enforcement by the California Privacy Protection Agency (CPPA)