Photo of Rachel Tarko Hudson

Rachel Tarko Hudson is a partner in the Intellectual Property Practice Group in the firm's San Francisco office. She is also a member of the Retail Team.

Everyone who has been paying attention to privacy news knows that January 1, 2020 is the implementation date of the California Consumer Protection Act, and July 1, 2020 is the current deadline for enforcement to begin. July 2020 is also the current deadline for the California AG to implement regulations under CCPA. Read more about the law in our blog post from last year. What should companies do over the coming months to get ready for what looks like a sweeping new set of requirements? Two big ones: keep a 12 month look-back of data processing activities and take stock of what you collect and how you use it. Over the coming months you will also want to look at how you might handle rights requests, and take the CCPA into account for your 2019 and 2020 budgeting. This graphic can help you communicate the importance of CCPA to internal stakeholders.
Continue Reading 2019 is the Year of . . . CCPA?

As has been widely reported, California’s new privacy regime entitled the California Consumer Privacy Act of 2018, or CCPA, is set to come into effect on January 1, 2020. The law constitutes an expansion beyond California’s existing privacy laws, in particular California’s existing Shine the Light Law and the California Online Privacy Protection Act. Various provisions of the new law will apply to businesses with annual total revenue greater than $25 million (not just in California), that obtain or share for commercial purposes the personal information of 50,000 or more, or that get 50% or more of their revenue from selling or sharing PII. The law was passed quickly to avoid a similar voter-initiative ballot measure, and as a result has several ambiguities and apparent inconsistencies. It is therefore very likely that the law will be changed by amendment, and clarified through rules and regulations, before it comes into effect in 2020. 
Continue Reading The California Consumer Privacy Law (CCPA) Is Coming: What Should Your Company Do Now?

As part of a flurry of new privacy legislation, California Governor Jerry Brown signed two new data privacy bills into law on September 27, 2013: S.B. 46 amending California’s data security breach notification law and A.B. 370 regarding disclosure of “do not track” and other tracking practices in online privacy policies. Both laws will come into effect on January 1, 2014.
Continue Reading California Enacts New Data Privacy Laws