The California Privacy Protection Agency (“the Agency”) announced October 17, 2022, proposed modifications to the draft regulations for the California Privacy Rights Act (CPRA) that were published on July 8, 2022. The draft regulations expanded on the text of the CPRA setting out a number of additional requirements regarding obtaining consumer consent, supporting the exercise of consumer rights, contracting with service providers, contractors and third parties to share data, and increasing transparency in privacy notices provided to consumers.
This legal update summarizes a few key changes from the initial proposed CPRA regulations. While the CPRA regulations are still not final, the latest revisions will be valuable as businesses prepare for the CPRA’s effective date of January 1, 2023, and enforcement start date of July 1, 2023.