Latest Posts:
Search for:

Analyzing critical legal trends and developments across data, cyber, AI and digital regulations from around the world and beyond borders

In Uncategorized

California Attorney General Submits CCPA Proposed Regulations for Expedited Review

by , , , , , , and 1 Min Read

On June 1, 2020, in a surprise, last-minute filing, the office of the California Attorney General submitted the final CCPA final California Consumer Privacy Act (CCPA) proposed regulations to the California Office of Administrative Law (OAL).

What does this mean for businesses subject to the CCPA?

Under normal circumstances, the OAL would have 30 days to review the proposed regulations for procedural compliance with California’s Administrative Procedure Act; however due to the COVID-19 pandemic, this timeframe has been extended by 60 additional days. This being said, the California Attorney General requested an expedited review, asking the OAL to complete its review of the final CCPA proposed regulations within the next 30 business days, and that the proposed regulations become effective upon filing with the Secretary of State. If the OAL honors this request, the regulations could become effective as early as early July – shortly after the California Attorney General will begin enforcement of the CCPA.

As such, businesses should continue working toward compliance with the text of the CCPA, as well as the text of the final proposed CCPA regulations.

Categories:
Tags:
Author

Brian Hengesbaugh is Global Chair of Baker McKenzie's Data & Cyber Practice. Formerly special counsel to the general counsel of the US Department of Commerce, Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce. In particular, he served on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement (Safe Harbor) and earned a Medal Award from the US Department of Commerce for this service.

Author

Brandon Moseberry advises global consumer, information technology, manufacturing, medical device, and financial institutions, among other clients, on a wide range of global data privacy, cybersecurity, direct marketing, social media, behavioral advertising, and related matters.

Author

Harry is a partner based in New York. He advises global organizations on privacy and data security compliance requirements. His practice is focused on delivering commercially practical advice on designing security, privacy, and technologically compliant solutions.

Author

Amy de La Lama has assisted a wide array of companies in addressing legal issues related to global privacy and data collection, data security, information technology and related restrictions on data collection and movement.

Author

Michael advises clients across various industries, including global online businesses, pharmaceutical companies, healthcare providers, manufacturers, financial institutions, sourcing providers, retail companies, and other organizations regarding the legal aspects of global privacy and data protection, data security, information technology, and related restrictions on data collection and transfer.

Author

Lothar has been helping companies in Silicon Valley and around the world take products, business models, intellectual property and contracts global for nearly 20 years. He advises on data privacy law compliance, information technology commercialization, interactive entertainment, media, copyrights, open source licensing, electronic commerce, technology transactions, sourcing and international distribution at Baker McKenzie in San Francisco & Palo Alto.

Author

Cristina Messerschmidt is a senior associate in the Data and Cyber practice group based in Chicago, advising global organizations on data privacy and cybersecurity compliance requirements, data security incident response, and legal issues related to AI.

Author

Gary is an associate in the Chicago office. His practice focuses on regulatory and transactional issues in global privacy and data protection, including cross-border data transfers, data security, data breach notification, global privacy, website privacy policies, behavioral advertising, and comprehensive compliance programs.

Related Posts