On December 6, BPI submitted a letter to the California Attorney General on proposed regulations under the California Consumer Privacy Act (“CCPA”). The letter calls for harmonization of the new rules with the CCPA’s statutory expectations, as well as with the long-standing frameworks banks have built under federal consumer privacy and data security standards. BPI argues that the regulations should take these programs into account to ensure that consumer protections are not unintentionally weakened by companies’ CCPA compliance efforts and proposes a number of amendments to the draft rules that would address these issues. Of note, BPI recommended that the effective date of the regulations be set at least six months after the final rules are published and that the Attorney General should not undertake enforcement actions for conduct that occurs before January 1, 2021.
BPI Submits Comment Letter on Proposed California Privacy Regulations
