Overview
Regulators in California and Colorado recently announced enforcement sweeps under new and newly updated state privacy laws. Companies in Colorado (including nonprofits) and California should double-check their privacy notices, processes and documentation to comply with these laws, particularly the enforcement priorities identified in the notices.
Colorado: The Colorado Attorney General announced an enforcement sweep just days after the Colorado Privacy Act (CPA) took effect on July 1, 2023. The stated priorities include complying with sensitive data processing requirements and targeted advertising and profiling opt-out requests. Although the Attorney General noted that letters mailed to Colorado organizations were intended to be educational warnings, we are aware of more direct enforcement and inquiries as well. The attorney general’s office also launched a designated CPA resource hub with FAQs, guidance and links to the final regulations.
California: Alongside Colorado, the California Attorney General recently revealed an enforcement sweep targeting large employers’ processing of personnel-related data, which is now subject to the California Consumer Privacy Act (CCPA). This latest CCPA sweep follows prior enforcement initiatives targeting mobile apps and “do not sell” requirements in the retail, travel, and food services sectors and financial incentive requirements, as well as numerous published case examples. The California Privacy Protection Agency is also signaling its commitment to enforcement with a review of connected vehicle manufacturers’ data privacy practices.
If you have questions or need assistance ensuring compliance with these laws and regulator enforcement priorities, please reach out to Elliot Golding or Allison M. Tassel or contact your regular McDermott lawyer.
Check out our additional coverage on new state consumer privacy laws:
Ruling Delays Enforcement of Latest CCPA Regulations
Oregon Joins the Consumer Privacy Trend
Texas Consumer Privacy Law Nears Governor’s Signature
Florida Adds a New Twist to Consumer Privacy Patchwork
Tennessee Joins the Fray as Legislature Passes Consumer Privacy Law
Consumer Privacy Law Comes to Big Sky Country as Montana Passes New Law
Indiana Passes Consumer Privacy Bill
Iowa’s New Privacy Law: The Basics
Colorado Finalizes Sweeping New Privacy Rules; Iowa Joins the Fray
Preparing for New Consumer Privacy laws in Colorado, Connecticut and Utah
