United States of America: Entry into force of California Privacy Rights Act of 2020 (Proposition 24) including data protection measures
Compare with different regulatory event:
Description
Entry into force of California Privacy Rights Act of 2020 (Proposition 24) including data protection measures
The California Consumer Privacy Act of 2020 (Proposition 24), amending the 2018 California Consumer Privacy Act, enters into force. The Act requires companies to minimize data collection and data retention to what is reasonably proportionate to achieve the intended purposes and regularly conduct privacy risk assessments and cybersecurity audits. Moreover, the Act introduces the right to correct inaccurate information and to receive a notification when businesses collect or use "sensitive personal information", and eventually to opt-out from such practices. Further, the Act clarifies that people can opt-out of the sale and sharing of their personal information with third parties.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
subnational
Government Branch
executive
Government Body
central government
Key regulatory dimensions
Regulated subjects
The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type
Any
Economic activity
cross-cutting
Category
All
Policy change by business practice
The detailed activities within the scope of this policy or regulatory change.
personal data (all forms): data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
Data storage/retention obligation
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data (all forms): data collection
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
Data storage/retention obligation
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data (all forms): storage (any form)
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
Data storage/retention obligation
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data (all forms): sale
Regulatory tool
User right to access personal data
User right to deletion of personal data
User consent: Permit user opt-out
User right to rectification of personal data
User right to withdraw consent
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: information pertaining to minors: sale
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User consent: Opt-in requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data (all forms): transfer (any destination)
Regulatory tool
User right to access personal data
User right to deletion of personal data
User consent: Permit user opt-out
User right to rectification of personal data
User right to withdraw consent
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: identity: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: ethnicity: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: financial or credit information: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: genetic: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: sexual orientation: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: health: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: biometric: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: religious beliefs: data processing
Regulatory tool
User right to access personal data
User right to deletion of personal data
User right to rectification of personal data
User right to restriction of personal data processing
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Prohibition of discrimination on the basis of exercised user rights
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: information pertaining to minors: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User consent: Opt-in requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: identity: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: ethnicity: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: financial or credit information: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: genetic: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: sexual orientation: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: health: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: biometric: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data: religious beliefs: transfer (any destination)
Regulatory tool
User consent: Permit user opt-out
User notification requirement
User right to information about third-parties, with which data has been shared
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1
personal data (all forms): transmission
Regulatory tool
Corporate right to cure
User right to nominate a legal heir or representative
Right to reward for non-exercise of user rights
Sanctions
Civil penalty
Regulated subjects
1