Data Privacy and Cybersecurity

The attorneys at Cislo & Thomas LLP keep up to date on the complex and constantly changing privacy compliance laws and regulations and can assist you in all aspects of your data protection and consumer privacy compliance needs, including:

• Working with product teams throughout the development cycle advising regarding privacy compliance, intellectual property issues, and consumer protection laws

• Draft and negotiate third-party contracts keeping in compliance with privacy and consumer protection laws

• Draft online and software policies, terms of use agreements, click-wrap agreements, open-source agreements, product policies, and technology transactions

• Present internal training to advise regarding compliance with consumer protection laws in light of current policies and agreements

• Advise businesses regarding development and implementation of internal technology systems for privacy compliance from development through implementation

Below you will find links to laws and rules relevant mitigating risk in relation to data protection and consumer privacy laws in California and more, including best practices.

California Consumer Privacy Act (CCPA) Related:

California Business & Professions Code (22575 – 22579) – This section of the Business and Professions Code is on the internet privacy requirements, including, but not limited to, the requirements of a privacy policy.

California Civil Code Section 1798.82 – This section of the California Civil Code discusses data security breach requirements. California law requires a business to notify California residents of a breach involving the unauthorized access of their unencrypted personal information.

California Civil Code Section 1798.83 – Also known as the Shine the Light law, this section outlines procedures requiring businesses to disclose what personal information has been shared with third parties and what must be included in privacy policies. Under this privacy law, the California legislature defines 27 categories as personal information.

California Civil Code Section 1798.84 – California Civil Code Section 1798.84 outlines the consequences of violating Sections 1798.82-83. For example, any consumer whose private information was breached may initiate a civil action to recover damages.

Online Form: Data Security Breach Notification – This form is for businesses and state and local government agencies to submit a notice if there is a breach involving the personal information of more than 500 residents.

California Consumer Privacy Act of 2018 (1798.100 – 1798.199) – Commonly referred to as the CCPA, the statute was created to foster new consumer rights and privacy protections to California residents. The CCPA applies to businesses that have at least $25 million in annual revenue, businesses of any size that have the personal data of at least 50,000 people, or businesses that collect more than half of their revenues from the sale of personal data.

California Consumer Privacy Act Fact Sheet – The Office of the Attorney General released an official fact sheet about the California Consumer Privacy Act.

California Consumer Privacy Act Regulations: Information about the Rulemaking Process – The Office of the Attorney General provides information about the rulemaking process for the CCPA, which is governed by the Administrative Procedures Act.

Attorney General Becerra Publicly Releases Proposed Regulations under the California Consumer Privacy Act – The Office of the Attorney General publicly released proposed regulations under the CCPA on Thursday, October 10, 2019.

The Ballot Initiative, AB 375 – Learn more about the history of the CCPA by viewing Assembly Bill No. 375.

The Ballot Initiative, SB 1121 – Learn more about the history of the CCPA by reading Senate Bill No. 1121.

The Privacy Advisor Podcast: CCPA in its Final Form – The International Association of Privacy Professionals (IAPP) provides a podcast on the final version of the CCPA and the amendments that preceded it.

The Privacy Advisor Podcast: Some Industry Perspective on Amended CCPA – The IAPP provides a podcast about the industry perspective on the CCPA, including some of the most difficult aspects of compliance.

Digital Advertising Alliance Do-Not-Sell Tool for Publishers and Third Parties – The Digital Advertising Alliance provides self-regulatory guidelines for “CA Do Not Sell” requests.

Digital Advertising Alliance Announces CCPA Tools for Ad Industry – The Digital Advertising Alliance provides web and app-based tools that will provide CCPA opt-out mechanisms.

Data Security Breach Reporting – The Office of the Attorney General requires business or state agency to notify any California resident whose unencrypted personal information was acquired by an unauthorized person.

Privacy Enforcement Actions – The Office of the Attorney General publicly releases privacy enforcement actions, including Equifax, Target, etc.

California Privacy in the News – Californians for Consumer Privacy released a newsletter on matters related to consumer privacy and cybersecurity.

Californians for Consumer Privacy: CCPA Facts – Californians for Consumer Privacy released a factsheet on the CCPA, including how to protect your privacy rights, securing personal information, etc.

Top 5 Operational Impacts of the CCPA – The IAPP provides a free guide to help business comply with the CCPA.

The American Bar on the California Consumer Privacy Act – The American Bar Association released an article on July 2, 2019 about the California Consumer Privacy Act.