New Californian Privacy Rights Act Moves Closer to Reality as Advocates Look to Secure November Ballot

by | May 6, 2020

The California Privacy Rights Act (“CPRA”), an Act that was drafted to address some of the supposed shortcomings of the recently introduced Californian Consumers’ Privacy Act (CCPA), has moved closer to a reality as advocates have secured 900,000 of the 1 millions signatures that they require to add it to the state’s November ballot.

Californians for Consumer Privacy, the advocacy group established by real estate developer Alastair Mactaggart, revealed this week that it had submitted over 900,000 signatures to county election officials in support of the CPRA. It is envisaged that this new Act would enhance the provisions made within the CCPA as it aims to further expand the privacy rights of California residents and to further increase the companies’ compliance obligations.  Previously, the CCPA has been criticized for its wide-ranging definitions, ambiguous language, and overall lack of clarity.

Mactaggart’s released a statement which said: “Laws need to keep pace with the ever-changing landscape of constant corporate surveillance, information gathering and distribution. Californians deserve to participate in and shape the conversation about how, when and with whom our most personal information is shared.”

The group was given a deadline by state officials of June 25 to secure a minimum of 623,212 signatures from California residents, verified by the state, in order for it to be placed on the Nov. 3 general election ballot.  As of yet, it has not been verified if they have already reached this total.

Some of the areas that CPRA seeks to address includes:

  1. Sensitive Personal Information:  The law will introduce a new category of information referred to as “sensitive personal information” and provide new rights for California consumers, permitting them to prevent companies from using their sensitive personal information.
  2. Definitions: The CPRA could seek to state outright, in a definition, that a person’s health, financial information, and geolocation data is defined as sensitive personal information.
  3. Right of Correction: Californians will be given the right to ask businesses to make corrections of any personal information that is inaccurate.
  4. Data Breach Liability:  The law seeks to amend, and clarify, the CCPA as it relates to data breach liability. Moreover, it states that any breaches in which a consumer’s email is compromised along with their password or a security question and answer will be the responsibility of the company and sanctions will be applied appropriately.
  5. Children’s privacy:  Children’s’ privacy rights will be bolstered and CCPA fines for collecting and selling private information of minors under 16 years of age will be increased threefold.
  6. New Enforcement Arm: A new data protection watchdog called ‘the California Privacy Protection Agency (CPPA)’ would be established to help protect consumers’ rights.
  7. Increased Transparency:  The CPPA would assist in increasing the transparency of what is being done with private data and give consumers greater management over their data.

This move comes as those advocating for a delay to the enforcing of the CCPA legislation, until January 2021, have faced a further setback as California State Attorney General Xavier Becerra confirmed there would be no such move made.

This latest development emphasizes the shift in power from companies to the consumers, and private citizens, and makes it more important that ever for businesses to ensure that they are doing everything in a completely compliant way. It would be wise to seek a consultancy to assess compliance with the CCPA and to prepare for the likely introduction of the CPRA as soon as possible.



Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy