Disclaimer: This blog is for general information purposes only and does not constitute legal advice and does not create or intend to create an attorney-client relationship. This blog post should never be used to replace the advice of your personal attorney.

The California Privacy Rights Act of 2020 (CPRA) is a ballot initiative that has the purpose of protecting the privacy rights of people in the State of California. Its design is the work of the same non-profit organization, which sponsored the creation of the California Consumer Privacy Act (CCPA) in 2018. It also shares similarities with the European general data protection regulation or GDPR for short. Upon approval from voters, the CCPR will however trigger the creation of the California Privacy Protection Agency. The Agency’s main focus would be enforcing the CCPA and implementing the latest updates the attorney general made to the existing CCPA regulations. Should Californians approve the CPRA, they’ll benefit from an extension of the CCPA’s provisions regarding human resources and business-to-business relationships.

What Are Privacy Rights? 

The Right to Privacy is however a legal concept that manifests itself in several privacy laws in the United States. Though it isn’t one of the primary rights of citizens as defined in the Constitution, the Supreme Court says the right to privacy is guaranteed. Most states recognize four pillars of the right to privacy:

  • Ownership of name and likeness
  • Private affairs
  • Private facts
  • The public perception of an individual

These so-called “torts” are the foundations of privacy law in the US, including the CCPA and the CPRA. 

Suggested Article: Understanding The National Do Not Call List

What Does The California Privacy Rights Act Entail?

Alastair Mactaggart from Californians for Consumer Privacy rights explains that CPRA would improve upon the CCPA. Additions and changes to the existing legislation include:

  • CPRA mandates that businesses update their cybersecurity practices to guard against data breaches
  • Prohibition of business providers combining personal data they gathered with such from another company or organization
  • Enables consumers to opt-in and opt-out from sharing sensitive personal information for behavioral advertising. They can also ask a company to fix incorrect personal data about them and limit their use of such data for commercial purposes
  • Limits the business’s right to access e-mail addresses, passwords, and security questions of individuals. 
  • Elimination of the 30 days in which a business can correct a violation of CCPA. 

The CPRA gives California residents a tighter control over their data privacy. It also makes the reasonable security parameters companies need to meet much stricter. That includes everything from generic data to cross-context marketing information, passport number, driver’s license number, social security number, sexual orientation, sex life details, genetic data, financial account information, and precise geolocation, among others.

Related Article: The Meaning of Do Not Call

What Does California Privacy Rights Act Mean For Your Business?

Your business needs to be ready should California voters approve the California Privacy Rights Act of 2020 during the November ballot. You will have to ensure your current technology and work-practices work with the new rights and rules. CPRA may come into power on Jan. 1, 2023. Until then, you need to continue complying with the existing CCPA and GDPR. TCPA Protect can help you work on your privacy practices and ensure your consumers’ peace of mind in these regards.

What Happens When Someone Violates Your Privacy Rights?

File a complaint with California Attorney General’s office, or turn to a law firm for assistance. Even the current California legislation gives a reasonable level of protection to an individual’s consumer rights.

Further Reading: Do Not Call List for Businesses