On February 1, 2023, the California Privacy Protection Agency (CPPA) released a final draft of the regulations for enforcing the California Privacy Rights Act (CPRA). These regulations provide stricter restrictions on the collection of personal information. Of note is that collection practices must be “consistent with the reasonable expectations of the consumers.” According to 11 C.C.R. § 7002(b), expected to become final this year, “reasonable expectations” hinge on factors such as the relationship between the business and its consumers, the source of personal information, and the methods employed by the business collecting the data, and the involvement of other entities and third parties. If CPPA takes an expansive enforcement position on Section 7002, several types of automotive businesses could be impacted by this “consumer expectation” test.
Continue Reading CPRA Regulation 7002: Detour for Automotive Businesses?