Negotiating with Service Providers and Third Parties under CCPA
This white paper provides guidance on identifying different parties in the ecosystem and draft contractual provisions under the CCPA.
Published: 3 Dec. 2019
Many of us understand in theory what the California Consumer Privacy Act means for consumer rights and that it creates a totally new ecosystem of relationships between and among businesses that are covered by the law and other legal entities with whom they do business.
Unfortunately, that new ecosystem bears little resemblance to the controller/processor structure of the EU General Data Protection Regulation and leaves much to be desired when it comes to facilitating the privacy practitioner’s job of categorizing and risk-ranking business partners. To make matters worse, the attorney general did not issue draft regulations until October, and those regulations likely will not be finalized until July of 2020.
This white paper provides guidance on identifying different parties in the ecosystem and draft contractual provisions under the CCPA.
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
Negotiating with Service Providers and Third Parties under CCPA
This white paper provides guidance on identifying different parties in the ecosystem and draft contractual provisions under the CCPA.
Published: 3 Dec. 2019
Contributors:
Tanya Forsheit
Vice President and Chief Privacy Officer, The New York Times Company
CIPP/US, CIPT, PLS
Many of us understand in theory what the California Consumer Privacy Act means for consumer rights and that it creates a totally new ecosystem of relationships between and among businesses that are covered by the law and other legal entities with whom they do business.
Unfortunately, that new ecosystem bears little resemblance to the controller/processor structure of the EU General Data Protection Regulation and leaves much to be desired when it comes to facilitating the privacy practitioner’s job of categorizing and risk-ranking business partners. To make matters worse, the attorney general did not issue draft regulations until October, and those regulations likely will not be finalized until July of 2020.
This white paper provides guidance on identifying different parties in the ecosystem and draft contractual provisions under the CCPA.
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
Tags:
Related resources
US State Privacy Legislation Tracker
Organizational Digital Governance Report 2025
US State Comprehensive Privacy Laws Report
US Data Privacy Litigation
