CCPA

Subscribe to CCPA via RSS

Two customers shopping for the same product on the same website at the same time may see two different prices.  This scenario is a growing reality in today’s data-driven marketplace, and California regulators are paying attention.  On Data Privacy Day 2026, California Attorney General Rob Bonta announced a new investigative sweep targeting “surveillance pricing”—a practice

Navigating the 2026 CCPA Updates

As forecasted, effective January 1, 2026, businesses that are subject to the California Consumer Privacy Act (CCPA) must comply with newly-updated regulations. For some businesses, complying with these updates will require the implementation of or updates to policies and procedures related to, among other things, risk assessments, cybersecurity

On February 21, 2025, representatives in the California legislature introduced California Assembly Bill 1355, also known as the California Location Privacy Act (“AB 1355”).  AB 1355 seeks to amend the California Consumer Privacy Act (the “CCPA”) by imposing several new restrictions on the collection and use of consumer location data. 

Under AB 1355, “location

On November 14, 2024, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (the “CCPA”), announced it settled with two data brokers, Growbots, Inc. and UpLead LLC, for failing to register and pay required fees under Senate Bill 362, also known as the Delete Act. The companies will

On February 21st, the California Attorney General (AG) Rob Bonta announced a settlement with DoorDash for violations of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA) relating to its participation in a marketing co-operative.  This action represents only the second public enforcement action since the CCPA went into effect

United States Capitol Building

As we have previously posted, it has been an active year on the state privacy law front.  Indeed, the number of states with privacy laws is about to nearly double in a matter of months,  with Iowa, Indiana, Montana, and Tennessee have already passed or are about to pass comprehensive

On October 17, the California Privacy Protection Agency (“CPPA”) published the first revisions to the CPRA regulations. This draft includes an extensive list of proposed changes in advance of the CPPA Board public hearing, scheduled to begin on October 21st. In addition to the newest draft regulations, the CPPA published a

On August 24, California Attorney General Rob Bonta announced a $1.2 million settlement with Sephora over allegations that the cosmetic retailer had violated the California Consumer Privacy Act (CCPA).  This first public enforcement action—and subsequent noncompliance letters the Attorney General sent to other retailers—clearly highlight the continued focus of regulators on online tracking practices and opt-out signals such

The California Privacy Protection Agency announced today that it began the formal rulemaking process to adopt the proposed regulations implementing the Consumer Privacy Rights Act of 2020 (“CPRA”).  As part of this announcement, the Agency released the following link to the Proposed Regulations and supporting documents.

The Agency will hold a public hearing for

In a surprising development, the California Privacy Protection Agency (CPPA) published proposed amendments to the CCPA regulations recently.  The proposed amendments were initially made public on May 27 in a package of materials to be considered by the CPPA at its upcoming June 8 meeting.  The proposed amendments—which in effect are the draft CPRA regulations—were