By: Michelle Hon Donovan, Brandi Taylor and Angelica Zabanal
Last Friday, September 13, 2019, marked the final day for the California Legislature to vote to pass amendments intended to clarify the terms and scope of the California Consumer Privacy Act (CCPA), which takes effect on January 1, 2020. The bills are now on Governor Gavin Newsom’s desk for approval, and the Governor will have until October 13, 2019, to sign or veto them.
Of the CCPA amendment bills that were in consideration, the following were passed:
- AB 25, regarding employee exemption
- AB 874, regarding the definition of PI (personal information)
- AB 1146, regarding warranty and vehicle repairs
- AB 1355, regarding the B2B exemption and other clarifying amendments
- AB 1564, regarding toll-free telephone number exception
Also of note, AB 1130 – a bill that does not specifically amend CCPA – also passed. This bill expands the categories of PI covered by California’s data breach notification laws, which will now include tax identification numbers, passport numbers, military identification numbers and unique identification numbers issued on a government document, as well as certain types of specified unique biometric data. This expansion is anticipated to impact liability under the CCPA’s private right of action
While not an exhaustive list of the bills that stalled during the legislative process, the following bills of note failed to be passed by the legislature:
- AB 873, regarding the definition of de-identified
- AB 846, regarding customer loyalty programs
- AB 981, regarding exemption for certain insurance transactions
While the approved amendments did not significantly overhaul the CCPA, several notable changes were made. Please see our Alert for a detailed discussion of these changes.
