CPPA to Focus on Data Minimization and Consumer Requests

Trending News

Beltway Buzz, April 26, 2024

Q&A – FTC Rule Banning Non-Competes With Workers

Blockchain+ Bi-Weekly: Week of April 25, 2024

Compliance Update — Insights and Highlights April 2024

FTC Approves Non-Compete Ban

Final Rule Raises Salary Threshold to $58,656 for Employee Overtime Exemptions

EEOC Final Rule Implementing the Pregnant Workers Fairness Act

Trending in Telehealth: April 9 – April 15, 2024

Healthcare Preview for the Week of: April 22, 2024 [Podcast]

Pregnant Workers Fairness Act Final Regulations Released

Brittany Walter

Email

415.774.2973

Bio and Articles

The CPPA Signals Focus on Data Minimization and Consumer Requests

by: Brittany Walter of Sheppard, Mullin, Richter & Hampton LLP - Eye On Privacy

Thursday, April 25, 2024

Print Mail Download

i

Earlier this month, the California Privacy Protection Agency (CPPA) issued its first-ever enforcement advisory (No. 2024-01). The advisory addresses what it calls the “foundational principle” of data minimization, and more specifically, as applied to the processing of consumer requests.

The advisory was issued in response to the Enforcement Division’s purported observation of certain business practices that require consumers to “provide excessive and unnecessary personal information” when processing consumer requests. It outlines a few less obvious circumstances where the concept of data minimization applies and provides examples and guidance on how to respond. The examples include handling of consumer requests to opt-out of the sale or sharing of data and the verification of a consumer’s identity.

Putting into practice: Covered businesses should carefully evaluate their internal policies and procedures and assess the extent to which they could be viewed as collecting more information than “strictly necessary” to verify and process consumer requests.

Listen to this post

Current Legal Analysis

FTC Calls Out Bill Payment Company’s Use of Dark Pattern Practices

by: A.J. S. Dhaliwal , Mehul N. Madia

FTC Final Rule Banning Most Worker Noncompete Agreements

by: Baldwin J. Lee , Melissa K. Bell

From Payment Service Providers to Professional Football Clubs: New EU Regulations to Combat Money Laundering Adopted

by: Annabelle Juliette Rau

FTC Cracks Down on Payments Processor for Facilitating Fraud

by: A.J. S. Dhaliwal , Mehul N. Madia

US Treasury Releases Final Regulations for $7,500 EV Tax Credit, Maintains Exclusions for Foreign Entities of Concern

by: Chris DiAngelo , Mitchell A. Fagen

More from Sheppard, Mullin, Richter & Hampton LLP

FTC Calls Out Bill Payment Company’s Use of Dark Pattern Practices

by: A.J. S. Dhaliwal , Mehul N. Madia

FTC Cracks Down on Payments Processor for Facilitating Fraud

by: A.J. S. Dhaliwal , Mehul N. Madia

Ninth Circuit Holds Loan Modification Made by Unlicensed Lender Violates State Usury Law

by: A.J. S. Dhaliwal , Mehul N. Madia

Tennessee New Law to Curb “De-Banking”

by: A.J. S. Dhaliwal , Mehul N. Madia

Responsible AI – Everyone is Talking About it But What Is It?

by: James G. Gatto

Health-e Law Episode 9: Remote Patient Monitoring Innovating Health Tech with Dr. Vipul Kella of Physio AI [Podcast]

by: Sara Helene Shanti , Phil Kim

What the FTC’s Noncompete Ban Means for Healthcare

by: John D. Carroll , Bevin M.B. Newman

FDA Makes Good on Its Promise to Regulate Laboratory-Developed Tests

by: Dominick DiSabatino , Audrey Mercer

NIST Updates AI RMF as Mandated by the White House Executive Order on AI

by: James G. Gatto

New DOL Exemption Rule Requires Two-Step Salary Increases Under FLSA for Exempt Employees

by: Richard J. Simmons

Upcoming Legal Education Events

Jun

12

2024

REACH 30/30 - June 12th, 2024

Jun

4

2024

FinTech and Securities Trading Platforms

May

29

2024

Emerging Legal Concepts for Generative AI - Part 3

May

22

2024

OSHA 30/30 - May 22nd, 2024

Print