Compliance made even more impossible because of the coronavirus
California’s new data privacy law took effect on January 1 of this year, with the enforcement of it to commence mid-year, once the state’s attorney general came up with the regulations on how it should be enforced.
The Small Business Data Privacy Committee, of which NFIB is a member, has been diligently submitting comments to the attorney general’s office on its Revised Proposed Regulations for the California Consumer Privacy Act (CCPA), but on March 27, it sent a letter expressing the committee’s disappointment of what it termed the backtracking it sees the attorney general making.
“Rather than making compliance easier and reducing regulatory burdens in this period of crisis, the new draft regulations add more confusion. More urgently, they fail to address the fact that owners of most small business enterprises have been ordered to shelter in place to contain the spread of COVID-19 and cannot hire the lawyers and technology services they need to comply with the CCPA even if they are able to financially weather the crisis.
“We respectfully request that the Attorney General withdraw the proposed regulations, consider the impact of the crisis on small business, and work with businesses that are required to comply to develop regulations that will facilitate compliance. We renew our request that you delay enforcement until January 1, 2021.”
NFIB joined 11 other associations in signing the letter, the full text of which can be read here.