Off to the Races: Comment Period for CPRA Proposed Regulations Begins
On Friday, July 8th, the California Privacy Protection Agency (CalPPA) began the formal rulemaking process to adopt proposed regulations to implement California Privacy Rights Act (CPRA) amendments to the California Consumer Privacy Act (CCPA). The initial written comment period will end on August 23, 2022 at 5:00 pm Pacific Time. To cap off the initial comment period, CalPPA will hold a public hearing on August 24th and 25th, during which the agency will accept oral comments and then close the first comment period.
The rulemaking process will take some time. Indeed, it is possible this initial rulemaking round will not be complete until after Thanksgiving. Revisions to the first draft are expected through likely multiple notice and comment rounds, in addition to deliberations by the CalPPA Board in noticed public meetings. Moreover, once the agency process is complete, the Office of Administrative Law (OAL) will review the proposed regulations to ensure they are consistent with the statute.
California AG’s First Formal CCPA Opinion Directs Businesses to Disclose Internally-Generated Inferences and Expresses Skepticism Around Trade Secret Claims
In its first formal opinion interpreting the California Consumer Privacy Act (the “Opinion”), the California Attorney General (OAG) has expansively interpreted CCPA to mean that inferences created internally by a business, including those based on data that is not included in the definition of personal information, constitute “specific pieces” of personal information “collected by a business” which must be produced to consumers upon request. The Opinion, which was issued on March 10, 2022 in response to a request for clarification submitted by Assemblyman Kevin Kiley, also addressed arguments that such inferences could constitute trade secrets and signaled the OAG’s unwillingness to accept “blanket assertions” that inferences constitute trade secrets or proprietary information, requiring instead that businesses explain why an inference constitutes a trade secret with greater particularity. We highlight below some of the more instructive elements of the opinion that provide insight into potential future enforcement. (more…)
