California Attorney General Xavier Becerra wasted no time in issuing new modified draft regulations for the California Consumer Privacy Act (“CCPA”), announcing new draft regulations on March 11, 2020 – just two weeks after the public comment period expired on the prior draft regulations. While the March 2020 changes are more limited than the February 2020 modifications to the original October 2019 draft regulations, the new changes have an immediate impact on all businesses currently working to comply with the CCPA’s requirements. Selected provisions of the newest draft regulations are set forth below:
Despite all of this new information and guidance, it is important to remember that these modifications are still in draft form and will undergo further revisions until finalized later this year. It remains to be seen how many more modifications will come between now and July, and businesses are already frustrated at the moving target of compliance presented by the ever-changing regulations. While it is helpful to get periodic glimpses into the AG’s thought process and see where the regulations are heading, additional draft modifications – including adding and then removing requirements, or removing them and then adding them back in, as well as making other substantive changes – will likely incentivize businesses to stop taking any further steps toward compliance until final regulations are released. The good news is the recent changes are less extensive, indicating that we are hopefully getting closer and closer to the final product.
For further information on how the modified regulations or the CCPA impacts your business, contact our Cybersecurity & Data Privacy lawyers Scott Hall and Foram Dave. You can also review additional CCPA articles and resources in our CCPA Resource Center.