Skip to main content

Data Protection Compliance in 2020 - California and Beyond

Gretchen A. Ramos, Co-chair of GT’s Data, Privacy & Cybersecurity Group, presented on data sharing issues, California Consumer Privacy Act (CCPA) Regulations, proposed Privacy Rights and Enforcement Act for the 2020 ballot, Brazil’s LGPD (effective August 2020), and discussed the specific steps companies can take to be in compliance by January 1, 2020. Joined by several specialists from well-known Bay Area tech companies such as Uber, Castlight Health, and Rakuten, Ramos and the speakers also addressed several pending data protection laws that could be passed in 2020.  Since many businesses impacted by the CCPA are struggling to understand their compliance obligations, the presentations in San Francisco and Silicon Valley, coordinated through the Bay Area Chapter of the Association of Corporate Counsel (ACC), were well attended, with standing room only. 

Our Data, Privacy & Cybersecurity Group is already assisting many businesses prepare for the CCPA, which applies to any for-profit company that does business in California, collects personal information (PI) from California residents, either alone or jointly controls how the PI is processed, and satisfies one of the following thresholds: (a) annual gross revenues greater than $25 million;  (b) annually buys, sells, receives or shares for commercial purposes PI of at least 50,000 CA residents, households or devices; or (c) derives at least 50% of its annual revenue from selling CA consumers PI.   For more information on the CCPA and the services GT can provide, please see GT’s CCPA webpage.