New Primer on the California Privacy Rights Act (CPRA)
In summer 2018, I wrote a short primer on the California Consumer Privacy Act (CCPA) soon after its passage. That primer proved to be quite popular, and I posted annual updated versions in summer 2019 and 2020. The passage of the California Privacy Rights Act (CPRA) in November 2020 necessitated a complete revamp. However, I needed some recovery time to get past the pain of California voters’ bad decision, plus carefully parsing the CPRA is one of life’s joyless tasks that begs for procrastination.
10 months later, I’m pleased to announce my revamped primer on the CPRA/CCPA–a 4,000 word piece that summarizes the 27,000 words in the CPRA (so far) plus the 20,000+ words of the CCPA and its regulations. As you can imagine, this is not your typical dry description of a law. Every word in the primer is infused with my characteristic disdain for the CPRA’s process and substance. If you’re not familiar with the CPRA, this is a good one-stop resource to get you up to speed. If you are familiar with the CPRA, you’ll enjoy seeing the story told with the snark and opprobrium it deserves.
Prior CCPA/CPRA Posts
* CCPA Definitions Confuse the Judge in a Data Breach Case–In re Blackbaud
* A Roundup of CCPA Court Decisions (I Only Know of 7)
* CCPA Data Breach Lawsuit Against Walmart Fails–Gardiner v. Walmart
* The Anticipated Domino Effect: Virginia Passes Second State “Comprehensive” Privacy Law (Guest Blog Post)
* SF Chronicle Op-Ed: “Prop. 24 is the Wrong Policy Approach, at the Wrong Time, via the Wrong Process”
* Over 50 Privacy Professionals & Experts Oppose Prop. 24
* Californians: VOTE NO ON PROP. 24, The California Privacy Rights Act (CPRA)
* A Review of the “Final” CCPA Regulations from the CA Attorney General
* The CCPA Proposed Regs’ Data Valuation Calculation Provisions Provide Flexibility, But Raise Ambiguity & Transparency Concerns (guest blog post)
* My Third Set of Comments to the CA DOJ on the CCPA Regulations
* Comments on the DOJ’s Proposed Modifications to the CCPA Regulations
* Eric Goldman’s Comments to the California DOJ Draft Regulations for the Consumer Privacy Act (CCPA) (Part 3 of 3)
* Some Lessons Learned from the California Consumer Privacy Act (CCPA), 18 Months In (Part 2 of 3)
* Resetting the California Consumer Privacy Act (CCPA)…with 2 Weeks To Go! (Part 1 of 3)
* And At the End of the Day, the CCPA Remains Very Much the Same (Guest Blog Post)
* A Recap of the Senate Judiciary Committee Hearing on Amending the California Consumer Privacy Act (Guest Blog Post)
* Want Companies to Comply with the CCPA? Delay Its Effective Date (Guest Blog Post)
* Recap of the California Assembly Hearing on the California Consumer Privacy Act
* A Status Report on the California Consumer Privacy Act
* 41 California Privacy Experts Urge Major Changes to the California Consumer Privacy Act
* California Amends the Consumer Privacy Act (CCPA); Fixes About 0.01% of its Problems
* Recent Developments Regarding the California Consumer Privacy Act
* The California Consumer Privacy Act Should Be Condemned, Not Celebrated
* A First (But Very Incomplete) Crack at Inventorying the California Consumer Privacy Act’s Problems
* Ten Reasons Why California’s New Data Protection Law is Unworkable, Burdensome, and Possibly Unconstitutional (Guest Blog Post)
* A Privacy Bomb Is About to Be Dropped on the California Economy and the Global Internet
* An Introduction to the California Consumer Privacy Act (CCPA)