The California Attorney General’s Office has released a notice of modifications to the proposed regulations for the California Consumer Privacy Act (CCPA) on Feb. 7, 2020, and additional updates on Feb. 10, 2020.
The release included the text of the modified proposed regulations in a redline version, and a clean version, along with a list of documents and other information relied upon in the rulemaking process.
The notice states that the modifications were made in response to public comments received during the initial comment period and to conform with the proposed regulations with recent changes in the law.
The California Attorney General accepted written comments regarding the modified regulations until Feb. 25, 2020. Final regulations are expected to be issued after the comment period, and prior to July 1, 2020, which is the earliest possible day the Attorney General can enforce the law. A final statement of reasons is expected to be issued with the final rulemaking to provide further context and clarification of the regulations.
The modifications do not change the overall structure of the proposed regulations. There is no change to the requirements that companies provide notice at the “point of collection” when personal information is collected from a consumer, and provide a broader privacy policy, which may be posted on a Web site or mobile application. The modifications do expand on notice requirements by providing that when a business collects personal information over the telephone or in person, it may provide the notice orally.
Some of the other modifications to the proposed regulations include:
►Guidance on the Definition of “Personal Information.”
►Addition of “Just-In-Time Notification” for unexpected data collection.
►Guidance on Accessibility Requirements of Notices.
►Reduction in Detail Needed for General Privacy Policy.
►Additional Guidance on Requirements for Complying With Requests to Know and Requests to Delete.
►Additional Detail on Requests to Opt-Out.
►Clarification of Obligations Imposed on Service Providers.
►Guidance on the Separation of Employment Notices from Consumer Notices.
►Removal of 90-Day Look-Back Period for Opt-Out Requests.
While the modifications address many key issues, additional updates may be made by the Attorney General at the conclusion of the current comment period. DocMagic will continue to monitor the development of CCPA regulations.
Gavin T. Ales is chief compliance officer with Torrance, Calif.-based DocMagic Inc. He may be reached by phone at (800) 649-1362, ext. 6446 or e-mail [email protected].
This sponsored editorial originally appeared in the March 2020 print edition of National Mortgage Professional Magazine.
