Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Final CCPA regulations approved

State Issues State Attorney General CCPA Regulation Consumer Protection Privacy/Cyber Risk & Data Security

State Issues

On August 14, the California attorney general announced that the Office of Administrative Law (OAL) approved the final regulations under the California Consumer Privacy Act (CCPA). As previously covered by InfoBytes, the CCPA—enacted in June 2018 (covered by a Buckley Special Alert) and amended several times—became effective January 1. The proposed final regulations were submitted to OAL on June 1 and were “nonsubstantially changed” during OAL’s review process for “accuracy, consistency, and clarity.” The final regulations are effective as of August 14.

The final regulations set forth guidance regarding compliance with the CPPA, including requirements related to the various required notices under the CCPA (e.g., Notice at Collection, privacy policy, etc.), business practices for handling consumer requests (e.g., methods for submitting and responding to requests to know and requests to delete), service providers, training and recordkeeping, verification of requests, special rules for minors, and nondiscrimination requirements.

For a detailed overview of the regulations, see here (the InfoByte details an earlier version of the regulations, which remain substantially unchanged).  Details discussing the nonsubstantial changes available by InfoBytes here.