The sweeping California Consumer Privacy Act (CCPA) takes effect on January 1. Your agency needs to review the law’s many implications now, asking such questions as:
Under CCPA, is your agency a business or a service provider?
Is your agency compliant with CCPA if you’re already compliant with the European Union’s General Data Protection Regulation (GDPR) and/or the Children’s Online Privacy Protection Act (COPPA)?
CCPA has a private right of action for data breaches. If your agency holds a client’s data, could you face a private right of action for data breach?
If your agency buys third-party data, should you ensure your vendor has complied with CCPA by providing explicit notice of opt-out to California residents?
Is the CCPA’s right to deletion the same as the GDPR’s right to erasure?
To help you navigate these changes, the 4A’s and Venable LLP provides the first set of CCPA guidelines specifically for agencies.
The California Consumer Privacy Act of 2018: What Agencies Need To Know can help your agency navigate CCPA’s key issues, and how CCPA’s obligations might apply to your agency, including an easy-to-follow checklist of best practices to get your agency started on CCPA compliance.
As the CCPA continues evolving through legislative amendments and California Attorney General clarifications, the 4A’s will continue to provide updated guidance.
For further questions about how CCPA may affect your agency, please contact the 4A’s Dick O’Brien, EVP–Government Relations, or Alison Pepper, SVP–Government Relations.
