[This is the third in a series of blog posts on how businesses should prepare for the California Privacy Rights Act which will enter into force on January 1, 2023]
When the California Privacy Rights Act (“CPRA”) takes effect on January 1, 2023, it will bring changes to several key areas of privacy law. AALRR has already covered changes regarding (a) employee data here; and (b) data retention requirements here.
[This is the second in a series of blog posts on how businesses should prepare for the California Privacy Rights Act which will enter into force on January 1, 2023]
When the California Privacy Rights Act (“CPRA”) takes effect on January 1, 2023 it will bring sweeping changes to data retention requirements in California.[1] Historically, many companies have over-retained data (and understandably so, since most risks under older laws related to a failure to keep data). The CPRA changes the data-retention landscape significantly by requiring companies to justify and disclose their retention policies, and to limit retention periods to only the time necessary to fulfill the company’s disclosed purpose for retaining.
[1] Final regulations under the CPRA are still pending and the information provided herein is subject to modification. This guidance also does not cover data retention principles under statutes other than CPRA.
RSS Feed
Follow us on Facebook
Follow us on Twitter
Follow us on LinkedInOther AALRR Blogs
Recent Posts
- Understanding Deceptive California Statement of Information Scams
- Closing of Pre-Hearing Discovery Loopholes in Arbitration
- International Enforcement of U.S. Trademarks: Simplicity for Complexity’s Sake
- Last Minute Court Decision Delays Enforcement of CPRA Regulations
- Trademark Infringement Is No Joking Matter: Supreme Court Reevaluates Parody Fair Use Exception and First Amendment’s Place in Trademark Infringement
- Department of Justice Expands PPP Investigations from Brazen Fraud to More Technical Violations, including Investigation into Private Clubs
- Department of Justice Expands PPP Investigations from Brazen Fraud to More Technical Violations, including Investigation into Private Clubs
- Court of Appeal Places Stricter Requirements on Employee E-Mail Access Policies
- Preparing For The CPRA Part 3: New Contractual Requirements For Data Transfers
- Preparing For The CPRA Part 2: Changes To Data Retention Requirements
Popular Categories
- (19)
- (23)
- (15)
- (3)
- (3)
- (2)
- (2)
- (3)
- (2)
- (1)
- (5)
- (4)
- (5)
- (4)
- (1)
- (3)
- (3)
- (2)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
- (1)
Contributors
- Sean M. Anderson
- Cindy Strom Arellano
- Reece C. Bennett
- Eduardo A. Carvajal
- Michele L. Collender
- Scott K. Dauscher
- Christopher M. Francis
- Runmin (Ivy) Gao
- Evan J. Gautier
- Carol A. Gefis
- Amber S. Healy
- Edward C. Ho
- John E. James
- Jonathan Judge
- David Kang
- Neil M. Katsuyama
- Joseph K. Lee
- Shawn M. Ogle
- Jon M. Setoguchi
- Jon Ustundag
- Brian M. Wheeler