Privacy & Data Security

As discussed in Q 204, the CCPA requires that a service provider agree to three substantive restrictions involving the retention, use, and disclosure of personal information.  The CPRA ostensibly expands upon the three substantive contractual restrictions by referring to nine additional provisions that should be included within a service provider agreement.  The following chart compares the substantive service provider contractual provisions under the CCPA with those that will be required by the CPRA beginning January…

Privacy & Data Security Blogs