State Legislation

Subscribe to State Legislation via RSS

Key point: The California legislature is currently considering several privacy-related bills that could impact the private sector.

The California legislature is currently in its summer recess, returning on August 18. Once it returns, it will have approximately five weeks to pass bills prior to closing for the year on September 12.

We are currently tracking 23 private sector AI-related bills and eight privacy-related bills that crossed chambers at the legislature’s deadline. If passed and signed into law, these bills could significantly impact companies doing business in California.

In this two-part series, we provide a brief summary of the bills and their current status. This article focuses on the privacy bills. Our prior article focused on the AI bills. Once the legislature reconvenes, we will provide regular updates on the status of the bills. If you are not already subscribed to this blog, we encourage you to do so to stay up to date.

At its July 24 meeting, the California Privacy Protection Agency Board authorized agency staff to finalize and submit to the Office of Administrative Law the rulemaking package for various new California Consumer Privacy Act (CCPA) regulations. Once effective, these regulations will significantly impact entities doing business in California.

CA_StateFlag_1200x600_GettyImages-1481930014

Key point: At its July 24 board meeting, the California Privacy Protection Agency Board authorized agency staff to finalize regulations on automated decision-making technology, risk assessments, cybersecurity audits, insurance, and changes to the existing regulations.

At its July 24 meeting, the California Privacy Protection Agency Board authorized agency staff to finalize and submit to the Office of Administrative Law the rulemaking package on various new California Consumer Privacy Act (CCPA) regulations. The new regulations are on automated decision-making technology, risk assessments, cybersecurity audits, insurance, and changes to existing regulations.

In this article, we provide an overview of some of the more notable aspects of the regulations. We also will be hosting a two-part webinar series on August 21 and September 25 to provide a more in-depth analysis of the regulations. Click here for more information and to register.

Biometric-Data_1200x600_GettyImages-1311613664

In Part One of this FAQ series, we break down Virginia’s Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer Protection Act (VCPA). The law goes into effect on July 1. Overall, given the broad definitions used in the Act, the law likely regulates organizations that are not traditional health care companies, and goes beyond traditional health information.

Webinars_1200x600_GettyImages-1286694373

On June 2, the New Jersey Division of Consumer Affairs announced the publication of new proposed regulations to implement the New Jersey Data Privacy Act (NJDPA), N.J. Stat. §§ 56:8-166.4 et seq., which went into effect on January 15. (Please see our prior article on the NJDPA for more details.) Although many of these proposed regulations appear familiar – similar to the finalized regulations under the California Consumer Privacy Act (CCPA) and the Colorado Privacy Act (CPA) – New Jersey introduced several new requirements worth noting.