California Consumer Privacy Act (CCPA) Set to Become Effective July 1, 2020
June 15th | 2020
Enforcement of the California Consumer Privacy Act (CCPA) is scheduled to commence on July 1, 2020. CCPA grants California consumers robust data privacy rights and control over their personal information, including the right to know, the right to delete, and the right to opt-out of the sale of personal information that businesses collect, as well as additional protections for minors.
Accordingly, Titan recommends reviewing whether your current privacy policies and practices comply with the CCPA. Here are a few reminders about CCPA that Fund managers should be aware of:
Remember that in addition to posting privacy policies to your website, you should take steps to make the appropriate disclosure to California residents at the “point of collection” for personal information.
Remember CCPA has training a requirement that must cover specific content, including, among other things, the Right to Know, Right to Request Deletion, Right to Nondiscrimination, and the Right to Opt Out.
Remember CCPA’s recordkeeping (i.e., 2-year retention) and verification requirements (i.e., documenting the basis for denying a request).
The final version of CCPA was just submitted to California Office of Administrative Law for review, so there are some administrative details that could delay the effective date. But for now, Fund managers should prepare to comply on July 1. Indeed, Attorney General Becerra is aware of the potential for a delay but clearly stated his position: “Businesses have had since January 1 to comply with the law, and we are committed to enforcing it starting July 1.”