INJURYATWORKADVICE
No Result
View All Result
Saturday, January 16, 2021
  • Home
  • Injury At Work
  • Road Traffic Accidents
  • Health
  • Legal
  • Human Rights
  • Home
  • Injury At Work
  • Road Traffic Accidents
  • Health
  • Legal
  • Human Rights
No Result
View All Result
INJURYATWORKADVICE
No Result
View All Result
Home Legal

CPRA May Impose Additional Service Provider Requirements

by injuryatworkadvice_rdd0e1
November 28, 2020
in Legal
CPRA May Impose Additional Service Provider Requirements

Friday, November 27, 2020

As mentioned in Q 204, the CCPA requires {that a} service supplier agree to a few substantive restrictions involving the retention, use, and disclosure of non-public data.  The CPRA ostensibly expands upon the three substantive contractual restrictions by referring to 9 extra provisions that must be included inside a service supplier settlement.  The next chart compares the substantive service supplier contractual provisions beneath the CCPA with people who will probably be required by the CPRA starting January 1, 2023:

Requirement

CCPA

CPRA

Retention Restrictions

1. Delete or return information.  Settlement should require {that a} service supplier delete or return information on the finish of an engagement
(i.e., not retain information).

✓[1]

✓[2]

 Use Restrictions

2. Use Restrictions.  A service supplier can solely course of private information per a enterprise’s directions (i.e., not use it for one thing apart from to carry out providers beneath the settlement or enhance the standard of providers).

✓[3]

✓[4]

3. Cease unauthorized use.  Settlement permits the enterprise to, upon discover, take cheap and acceptable steps to cease and remediate unauthorized use of non-public data.

X

✓[5]

4. Grants enterprise cheap rights.  Settlement grants the enterprise the appropriate to take “cheap and acceptable steps” to assist make sure that the service supplier “makes use of” private data per the enterprise’s authorized obligations.  For instance, these would possibly embrace cheap audit rights.

X

✓[6]

5. Combining private data from a number of purchasers.  Settlement prohibits a service supplier from “combining the private data” that it receives from one enterprise with the private data that it receives from one other enterprise (or collects from its personal interplay with shoppers), besides if it pertains to a enterprise objective recognized by rules to be adopted by the California Privateness Safety Company.

X/✓[7]

✓[8]

Disclosure Restrictions

6. Disclosure Restrictions.  Settlement prohibits disclosing private data apart from to carry out providers specified within the contract.

✓[9]
✓[10]

7. Prohibition towards promoting or sharing.  Settlement prohibits service supplier from promoting private data or sharing private data for the aim of cross-context behavioral promoting.

X/✓[11]
✓[12]

Further Necessities

8. Compliance with relevant obligations.  Settlement requires that the service supplier present the extent of privateness protections required beneath California regulation.

X
✓[13]

9. Obligates service supplier to inform enterprise of non-compliance.  Settlement requires {that a} service supplier notify the enterprise if the service supplier determines that it could actually now not meet obligations beneath California regulation.

X
✓[14]

10. Subcontractor notification.  A service supplier should notify a enterprise if it engages one other individual or firm to help it in processing private data.

X[15]
✓[16]

11. Subcontracting stream down obligations.  Service supplier should stream down contractual obligations to sub-processors.

X
✓[17]

[1] Cal. Civil Code § 1798.140(v) (Oct. 2020).

[2] Ca. Civil Code § 1798.140(ag)(B), (C).

[3] Cal. Civil Code § 1798.140(v) (Oct. 2020); CCPA Regulation 999.314(c)(1).

[4] Cal. Civil Code § 1798.100(d)(1), 140(ag)(1)(B), (C).

[5] Cal. Civil Code § 1798.100(d)(5).

[6] Cal. Civil Code § 1798.100(d)(3).

[7] Whereas the CCPA didn’t embrace an specific requirement {that a} contract prohibit a service supplier from promoting or sharing private data, it did embrace a requirement {that a} service supplier not “disclos[e]” private data for any objective apart from for the particular objective of performing these providers specified by a enterprise.  See Cal. Civil Code § 1798.14(v) (October 2020).

[8] Cal. Civil Code § 1798.140(ag)(1)(A).

[9] Cal. Civil Code § 1798.140(v) (Oct. 2020).

[10] Cal. Civil Code § 1798.140(ag)(1)(B), (C).

[11] Whereas the CCPA didn’t embrace an specific requirement {that a} contract prohibit a service supplier from combining private data from a number of purchasers, it did embrace a requirement {that a} service supplier not “disclos[e]” private data for any objective apart from for the particular objective of performing these providers specified by a enterprise.  See Cal. Civil Code § 1798.14(v) (October 2020).

[12] Cal. Civil Code § 1798.140(ag)(1)(A).

[13] Cal. Civil Code § 1798.100(d)(2).

[14] Cal. Civil Code § 1798.100(d)(4).

[15] Whereas the CCPA didn’t embrace an specific requirement {that a} contract require a service supplier to inform the enterprise if one other individual or entity can be aiding within the processing of non-public data, it did embrace a requirement {that a} service supplier not “disclos[e]” private data for any objective apart from for the particular objective of performing these providers specified by a enterprise.  See Cal. Civil Code § 1798.14(v) (October 2020).

[16] Cal. Civil Code § 1798.140(ag)(2).

[17] Cal. Civil Code § 1798.140(ag)(2).


©2020 Greenberg Traurig, LLP. All rights reserved.
Nationwide Legislation Assessment, Quantity X, Quantity 332

ShareTweetShareShare

Related Posts

Internet of Things Device Security Improvements Likely 2021
Legal

Internet of Things Device Security Improvements Likely 2021

December 27, 2020
Emerging Medical AI and 3D Printing Technologies in India [Podcast]
Legal

Emerging Medical AI and 3D Printing Technologies in India [Podcast]

December 27, 2020
China Opens 3-Year Pilot Foreign Patent Program
Legal

China Opens 3-Year Pilot Foreign Patent Program

December 26, 2020
Online Pharmacies and Telemedicine in India [Podcast]
Legal

Online Pharmacies and Telemedicine in India [Podcast]

December 26, 2020
California Prop 65 elists BPA as a Reproductive Toxicant
Legal

California Prop 65 elists BPA as a Reproductive Toxicant

December 26, 2020
Mexico Daily Minimum Wages Approved for 2021
Legal

Mexico Daily Minimum Wages Approved for 2021

December 26, 2020

Popular News

why are some people experiencing long-term fatigue?

why are some people experiencing long-term fatigue?

July 16, 2020
Court of Chancery Rules on Corporate Dissolutions

Court of Chancery Rules on Corporate Dissolutions

July 21, 2020
‘Hope’ isn’t mere wishful thinking – it’s a valuable tool we can put to work in a crisis

‘Hope’ isn’t mere wishful thinking – it’s a valuable tool we can put to work in a crisis

September 21, 2020
Baby and two adults taken to hospital after car flips over on motorway

Baby and two adults taken to hospital after car flips over on motorway

June 8, 2020
Carpenter who sliced off ends of fingers with SAW forced to wait EIGHT HOURS in A&E

Carpenter who sliced off ends of fingers with SAW forced to wait EIGHT HOURS in A&E

June 8, 2020
Employers and California’s New COVID-19 Supp Paid Sick Leave Law

Employers and California’s New COVID-19 Supp Paid Sick Leave Law

September 19, 2020
  • Home
  • Injury At Work
  • Road Traffic Accidents
  • Health
  • Legal
  • Human Rights

Copyright © 2020 Injuryatworkadvice

No Result
View All Result
  • Home
  • Injury At Work
  • Road Traffic Accidents
  • Health
  • Legal
  • Human Rights

Copyright © 2020 Injuryatworkadvice