On July 5, the California Privacy Protection Agency (CPPA)
issued an
NPRM for adopting new regulations for data broker registration to implement and enforce SB 362, known as the Delete Act (covered by InfoBytes
here).
The proposed regulations aim to clarify issues that data brokers faced after the CPPA administered the data broker registration process for the first time this past January by (i) specifying the registration fee details, (ii) defining terms in the Delete Act such as “minor” and “direct relationship” to clarify what businesses are data brokers, (iii) detailing the registration requirements for data brokers’ employees or agents, and (iv) clarifying that each data broker business is required to register, regardless of status as a parent company or subsidiary, among other things.
Public comments on the proposed regulations must be received by August 20. Additionally, a virtual public hearing will be held on the same date.
