CPRA – California’s new & improved CCPA
The new and improved California Copyright Practices Act (CCPA), also known as the California Copyright Reform Act (CCRA-CA), is set to take effect on January 1, 2023. Here are some things you should know about the new CCPA.
CCPA:
The CCPA is a comprehensive data privacy law that was enacted in California and came into effect on January 1, 2020. It gives California residents greater control over their personal information that is collected and processed by businesses. Key provisions of the CCPA include:
- Consumer Rights: The CCPA grants consumers the right to know what personal information businesses collect about them, the right to request deletion of their data, and the right to opt out of the sale of their personal information.
- Notice and Disclosure: Businesses are required to provide clear and transparent notices to consumers about their data collection practices, including the types of information collected and the purposes for which it’s used.
- Opt-Out Rights: Businesses are required to offer an opt-out mechanism for the sale of personal information, allowing consumers to prevent their data from being sold to third parties.
- Non-Discrimination: The CCPA prohibits businesses from discriminating against consumers who exercise their rights under the law, including denying goods or services or charging different prices.
CPRA:
The CPRA, also known as Proposition 24, builds upon the CCPA and was passed as a ballot initiative in November 2020. It introduces more comprehensive privacy protections for California residents and establishes a new privacy enforcement agency, the California Privacy Protection Agency (CPPA). The CPRA’s provisions are set to be phased in over time, with full enforcement expected by 2023. Key features of the CPRA include:
- Sensitive Personal Information: The CPRA introduces the concept of “sensitive personal information” and provides enhanced rights for consumers regarding its processing, including the right to limit its use and disclosure.
- Expanded Opt-Out Rights: The CPRA expands the opt-out right to cover not only the sale of personal information but also the sharing of personal information for cross-context behavioral advertising.
- Data Retention Limits: Businesses are required to limit the retention of personal information to what is necessary for the purposes for which it was collected.
- Children’s Privacy: The CPRA establishes additional protections for the personal information of minors, including requiring opt-in consent for consumers under 16 and introducing a new category for consumers under 13.
- Enforcement and Fines: The CPRA empowers the CPPA to enforce both the CCPA and CPRA provisions and imposes stricter penalties for violations involving the personal information of minors.
Timeline of CCPA & CPRA :
CPRA : New for Publishers
Here are some potential aspects that could be relevant to publishers:
- Sensitive Personal Information Category: The CPRA introduces a new category called “sensitive personal information,” which includes data such as Social Security numbers, financial account information, precise geolocation data, racial or ethnic origin, genetic data, and more. Publishers need to handle sensitive personal information with additional care and may need to obtain explicit consent from consumers to process this type of data.
- Expanded Opt-Out Rights for Cross-Context Behavioral Advertising: Publishers engaging in cross-context behavioral advertising (targeted advertising based on user behavior across different websites and platforms) are subject to expanded opt-out requirements. The CPRA extends the opt-out right to cover the sharing of personal information for such advertising purposes.
- Data Retention Limits and Purpose Limitation: The CPRA emphasizes data minimization and purpose limitation by requiring businesses, including publishers, to limit the retention of personal information to what is necessary for the purposes for which it was collected. This could impact how long publishers retain user data and the justifications for doing so.
- Children’s Privacy and Consent: The CPRA enhances privacy protections for minors. For users under the age of 16, publishers may need to obtain opt-in consent for the collection and sale of their personal information. For users under the age of 13, opt-in consent is required from a parent or guardian.
- Enforcement and Fines: The CPRA establishes the California Privacy Protection Agency (CPPA) as the enforcement authority for both the CCPA and CPRA. This agency has the authority to enforce penalties for violations. Fines for non-compliance, especially in cases involving the personal information of minors, can be significant.
- Right to Correct Inaccurate Personal Information: The CPRA introduces a new right for consumers to correct inaccurate personal information held by businesses. Publishers need to have processes in place to handle such correction requests.
- Joint Liability for Data Sharing: If publishers share data with third parties, the CPRA introduces the concept of joint liability. This means that if a third party misuses the data, both the third party and the business that shared the data can be held accountable.
- Impact on Service Providers and Contractors: The CPRA clarifies and refines the definitions and relationships between businesses, service providers, and contractors. Publishers need to understand these relationships to ensure proper compliance.
- Updated Privacy Policy Requirements: The CPRA introduces new requirements for privacy policies, including the need to disclose retention periods for different categories of personal information.
- Data Protection Impact Assessments (DPIAs): The CPRA gives the CPPA the authority to require businesses, including publishers, to conduct and submit DPIAs for certain high-risk data processing activities.
Modifications to CCPA by CPRA:
- Opt-out of Cross Context Behavioral Advertising : The Consumer Data Protection Act (CCPA) contains a provision that permits consumers to prohibit publishers from selling data to third parties. However, given the ambiguity of the term ‘sell’, many publishers engaged in cross-promotion behavioral advertising were excluded from this provision. Due to the fact that behavioral advertising does not necessitate the ‘sale’ of customer data, it has left many consumers and digital advertisers perplexed. However, the Consumer Product Rights Authority (CPRA) has clarified this ambiguity by incorporating the concept of the “sharing” of consumer data into its scope of application. Under the CPRA, the consumer has the right to “opt-out” from the context of behavioral advertising. This will prevent businesses from using their personal data to sell or share for advertising purposes. In addition, according to the CPRA, the definition of Cross-Cultural Behavioral Advertising is as follows: “Cross-cultural behavioral advertising” refers to targeted advertising that uses a consumer’s personal information collected from their online activity across distinct brands of websites, brands of businesses, brands of applications, brands of services, and brands of products other than the targeted business, brand of application, brand of website, or brand of service that the consumer deliberately interacts with.”
- Contractual Requirements : Under the CPRA, businesses must enter into appropriate contracts with their SPSPs and contractors to restrict the storage, use, or disclosure of personal data for any purpose other than the scope of the contract. These contracts will allow businesses to control the consumer data that they share with other parties by monitoring compliance with the terms of their contract. Businesses may conduct a review, automated assessment, and audit at least once per year to make sure the consumer data is not sold or made available by their SPSPs outside of the scope of the agreement.
- Security Audit : Under the CCPA, publishers are required to take reasonable steps to protect the privacy of consumer data. However, under the CPRA, the requirements are even stricter. Under the new rules in the CPRA, those who collect personally identifiable information (PII) about consumers are required to conduct an annual cyber security audit and provide the CPPA with a risk analysis report. The risk assessment should consider the potential risks and benefits associated with the processing of consumer data. If the benefits outweigh the risks, then the CPPA can restrict or prohibit the processing of such data under the CCPA or the CPRA.
Penalties for Violations:
If a publisher is non-compliant and is found to be in violation of the CPRA, civil penalties are $2500 to $500 per violation and $750 to $1,000 per violation if the court finds that the violation was intentional. The new CPRA also has a new $7500 penalty for violations (unintentional) of consumer privacy of minors. The law also makes it clear that providers of third-party services will be held accountable for any violations. Since publishers are responsible for protecting consumer data they collect, any violations of the law by third-party providers can also result in penalties for the publisher if they do not have a contractual agreement to protect consumer data. In addition, the CPRA has removed the provision in CCPA that allows a publisher or a business to avoid penalties if it can address and correct the violations within 30 days after being notified.
Right of Private Action:
The CCPA gives consumers the right to take private action against a business for a breach of consumer’s personal information or sensitive personal information. This means consumers can sue companies for a breach of their personal information.
However, the CPRA has changed the scope of this right to allow consumers to take private action only in the case of a breach of unencrypted and unredacted data. The CPRA also includes breaches involving ‘email addresses in combination with passwords or security questions and answers that may grant access to an account’, subject to a consumer’s right to a private action.
In the event of a breach, consumers can seek damages from the court for damages ranging from $100 to $750 per consumer for each incident, or actual damages up to $1 million, whichever is greater, as well as injunctive and declaratory relief, or any other relief deemed appropriate by the court.
Future Beholds:
Currently, the Consumer Data Protection Act (CPRA) is one of the most comprehensive consumer data privacy laws in the country. With several new state regulations set to enter into force in 2023, it’s important for publishers to be well-prepared for the changes to come. With new privacy laws in the works in Colorado and Connecticut, as well as Utah and Virginia, publishers must continue to adhere to best practices to comply with privacy laws.
Since sharing and storing consumer data is likely to be at the top of the list in most new privacy policies, publishers may want to consider using consent or data management platforms (DMPs) to monitor their data processing operations.
While the CPRA has improved upon its predecessor, the Consumer Data Privacy Act (CCPA), updating the privacy frameworks is a top priority for publishers to prevent violations, as per the CPRA. Publishers should also make sure their third party service providers (SPPs) and ad tech partners (ADPs) are CPRA-compliant and create contractual agreements in place to protect themselves in the event of a violation.
Friendship, some say, is a single soul residing in two bodies, but why limit it to two? What if friendship is more like a great, endless web, where each connection strengthens the whole? Maybe we are not separate beings at all, but parts of one vast consciousness, reaching out through the illusion of individuality to recognize itself in another.
Excellent article! We are linking to this particularly great post on our site. Keep up the great writing.
I think you’re right on the mark here. I came across a similar post on TX88, and it added some great insights that complement your point.
All knowledge, it is said, comes from experience, but does that not mean that the more we experience, the wiser we become? If wisdom is the understanding of life, then should we not chase every experience we can, taste every flavor, walk every path, and embrace every feeling? Perhaps the greatest tragedy is to live cautiously, never fully opening oneself to the richness of being.
Even the gods, if they exist, must laugh from time to time. Perhaps what we call tragedy is merely comedy from a higher perspective, a joke we are too caught up in to understand. Maybe the wisest among us are not the ones who take life the most seriously, but those who can laugh at its absurdity and find joy even in the darkest moments.
I think you’ve made a solid argument, and it’s something I’ve also read about on https://iwinclub88.gift/. They offer a comprehensive analysis of this subject too.
I agree with you completely. This is a topic I’ve also seen discussed extensively on iwinclub, and the articles there provide a lot of depth on the matter.
After checking out a handful of the articles on your blog, I really appreciate your technique of blogging. I book-marked it to my bookmark website list and will be checking back soon. Take a look at my website as well and tell me how you feel.
Hi there! This article could not be written much better! Looking at this post reminds me of my previous roommate! He continually kept talking about this. I most certainly will forward this post to him. Fairly certain he will have a very good read. Thanks for sharing!
Hello there! This article couldn’t be written any better! Looking through this post reminds me of my previous roommate! He always kept preaching about this. I’ll send this information to him. Pretty sure he’s going to have a good read. Many thanks for sharing!
This is a great point! I saw something very similar in an article on https://fabets.dev/, and it made me reflect on the issue in a new way.
I was excited to uncover this great site. I wanted to thank you for your time due to this fantastic read!! I definitely savored every little bit of it and i also have you bookmarked to see new stuff on your blog.
Good post! We will be linking to this great post on our site. Keep up the good writing.
A fascinating discussion is worth comment. There’s no doubt that that you ought to publish more on this topic, it may not be a taboo matter but typically people do not talk about these subjects. To the next! Many thanks.
Prodentim
You need to be a part of a contest for one of the most useful sites on the web. I most certainly will recommend this web site!
This is such a solid point! I’ve seen similar ideas discussed on One88, and they align perfectly with what you’re saying here. It’s great to see others agree.
Way cool! Some extremely valid points! I appreciate you penning this write-up and also the rest of the site is also really good.
Good article! We are linking to this particularly great article on our site. Keep up the great writing.
It’s nearly impossible to find experienced people on this subject, but you sound like you know what you’re talking about! Thanks
Way cool! Some extremely valid points! I appreciate you writing this write-up and the rest of the site is extremely good.
NATURAL MOUNJARO RECIPE
Spot on with this write-up, I absolutely believe this amazing site needs much more attention. I’ll probably be back again to read through more, thanks for the information.
Gluco Tonic
Virtue, they say, lies in the middle, but who among us can truly say where the middle is? Is it a fixed point, or does it shift with time, perception, and context? Perhaps the middle is not a place but a way of moving, a constant balancing act between excess and deficiency. Maybe to be virtuous is not to reach the middle but to dance around it with grace.
I would like to thank you for the efforts you’ve put in writing this site. I really hope to view the same high-grade blog posts from you later on as well. In fact, your creative writing abilities has inspired me to get my very own site now 😉
An impressive share! I’ve just forwarded this onto a coworker who had been conducting a little research on this. And he actually ordered me dinner due to the fact that I discovered it for him… lol. So let me reword this…. Thanks for the meal!! But yeah, thanks for spending time to discuss this issue here on your blog.
I agree with you completely. This is a topic I’ve also seen discussed extensively on https://fabet8.top/, and the articles there provide a lot of depth on the matter.
You’re so interesting! I don’t believe I have read through something like that before. So nice to discover somebody with a few original thoughts on this subject. Seriously.. thanks for starting this up. This website is something that’s needed on the web, someone with a little originality.
I think you’ve captured the essence of this issue perfectly. I recently came across an article on five88 that offers a similar viewpoint, and it made me think about this topic from a different angle.
I have to thank you for the efforts you have put in writing this site. I am hoping to view the same high-grade content by you later on as well. In truth, your creative writing abilities has motivated me to get my very own blog now 😉
I’m in full agreement with this. I came across a similar discussion on https://five88com.biz/, and it gave me a clearer understanding of the topic you’re discussing here.
You made some good points there. I looked on the net for more info about the issue and found most people will go along with your views on this site.
It’s nearly impossible to find experienced people for this subject, but you sound like you know what you’re talking about! Thanks
Saved as a favorite, I like your blog!
Hello there! I could have sworn I’ve been to this web site before but after looking at a few of the articles I realized it’s new to me. Regardless, I’m certainly delighted I discovered it and I’ll be bookmarking it and checking back frequently.
This is a topic that’s close to my heart… Take care! Where are your contact details though?
Hiya! Cheering for the creativity—it’s outstanding. In fact, the design brings a brilliant touch to the overall vibe. Keep shining!
Greetings! Very helpful advice within this article! It is the little changes that make the most significant changes. Many thanks for sharing!
I couldn’t resist commenting. Well written!
Absolutely, this perspective makes a lot of sense. It’s similar to what I read a while ago on https://tai789club.buzz/, and it helped me understand the issue much better.
qkig7i
Everything is very open with a clear explanation of the issues. It was truly informative. Your site is very useful. Many thanks for sharing.
I used to be able to find good info from your blog articles.
I like reading through a post that will make people think. Also, thanks for allowing me to comment.
Saved as a favorite, I really like your site.
This is a topic that is near to my heart… Many thanks! Where are your contact details though?
I enjoy looking through a post that can make people think. Also, thanks for allowing me to comment.
I completely agree with this argument. I’ve also encountered similar viewpoints on Mibet, and the perspectives shared there are extremely valuable.
Pretty! This was an incredibly wonderful article. Many thanks for supplying this info.
Everything is very open with a clear explanation of the issues. It was definitely informative. Your website is very helpful. Thanks for sharing.
Greetings! Very useful advice in this particular article! It’s the little changes that will make the largest changes. Thanks a lot for sharing!