Analyzing California’s Delete Act for Data-Driven Businesses

Join us for the second installment of our series, “Data Brokers Under Fire: Litigation and Compliance Strategies to Help Temper the Flames.”

On January 1, the California Delete Act went into effect establishing new requirements for entities that qualify as “data brokers” under the law. Beginning August 1, covered businesses will need to process deletion requests through the California Privacy Protection Agency’s (CalPrivacy) centralized mechanism — with fines of $200 per day, per violation. This can add up to bet-the-company fines with CalPrivacy’s new Strike Force dedicated entirely to enforcing state privacy laws against data brokers.

Meanwhile, CalPrivacy’s recent rulemaking clarified and significantly expanded the scope of what entities meet the “data broker” definition. Notably, the definition may now pull in many types of businesses that have never considered themselves to be data brokers, including companies engaged in certain data licensing, sharing, or analytics activities. Understanding whether your organization falls within this expanded scope is now a critical compliance priority.

The stakes have never been higher for entities that operate in California to understand how the Delete Act may apply and to ensure that they are complying where it does.

In this webinar, we will discuss:

• How California defines “data broker” and why the definition is broader than many businesses may expect.
• Common processing activities that may lead to companies inadvertently triggering data broker status.
• Practical steps for assessing your organization’s exposure and building a compliance roadmap.

Whether you’re in adtech, analytics, marketing services, or any business that shares consumer data with third parties, this session will help you evaluate your obligations under California’s evolving privacy landscape.