Joseph J. Lazzarotti, Jason C. Gavejian, Damon W. Silver, and Mary T. Costigan of JacksonLewis write:
The California Privacy Protection Agency (CPPA) issued its first enforcement advisory concerning the California Consumer Privacy Act (CCPA). In Enforcement Advisory No. 2024-01, the CPPA tackles a foundational principle – data minimization. Much of the attention surrounding the CCPA seems to focus on website privacy policies, notices at collection, and consumer rights requests. With its inaugural advisory directed at data minimization, the CPPA may be reminding covered business, service providers and others that CCPA compliance requires a deeper review of an organization’s practices concerning the collection, use, retention, and sharing of personal information.
Read more on Workplace Privacy, Data Management & Security Report.