August 12, 2020

Volume X, Number 225

August 11, 2020

Subscribe to Latest Legal News and Analysis

August 10, 2020

Subscribe to Latest Legal News and Analysis

Amendments to CA AB-1281: Addition by Subtraction?

In a surprising turn of events, the California State Senate significantly amended California Assembly Bill 1281 (“AB-1281”) late last week.  AB-1281 initially proposed enhanced protections for the use of facial recognition technologies, which have now been removed.  The amended AB-1281 now focuses on extending by one year the B2B and employee exemptions provided for under the California Consumer Privacy Act (“CCPA”), previously discussed here. Those exemptions currently become inoperative on January 1, 2021; if AB-1281 is enacted, they would become inoperative on January 1, 2022.  Note, however, that if the California Privacy Rights Act (read our recent analysis here) passes on the upcoming November 3rd  ballot, these exemptions will be extended for an additional year, and will become inoperative on January 1, 2023.

Prior to these recent amendments, AB-1281 would have required California businesses that use facial recognition technology to disclose that usage in a clear and conspicuous physical sign and subject violators to civil penalties.  The amended version of AB-1281 removes all provisions relating to facial recognition technology and required signage and instead only extends the B2B and employee CCPA exemptions as described above.

So what happened?

As we previously discussed, due to COVID-19 concerns, California State Senate President Pro Tem, Toni Atkins (D – District 39), instructed Senate committee chairs that they should reconsider their committees’ priorities and reduce the number of bills to focus on COVID-19-related legislation.   This bill was therefore likely amended to allow the Senate to extend the exemptions without having to introduce an entirely new bill to do so, thus freeing the legislature to focus on COVID-related legislation.  It is certainly possible that a bill addressing the use of facial recognition technology that is similar to the original AB-1281 could be introduced once COVID-related concerns have passed.

Will AB-1281 pass?

AB-1281, as amended, was proposed by Assembly Member Edwin Chau (D-District 49), the Chair of the Committee on Privacy and Consumer Protection, who has had a strong influence on California privacy law during his tenure (including being the proponent of CCPA and a number of successful amendments to CCPA).  His support makes it likely that it will pass and the process that has been followed – amending an existing bill that had already been approved by one chamber – has the potential to significantly expedite the process necessary to achieve final legislative approval of AB-1281.

We will continue to track AB-1281 and continue to provide you with breaking updates.

© Copyright 2020 Squire Patton Boggs (US) LLPNational Law Review, Volume X, Number 184


About this Author

Glenn Brown Data Privacy & Cybersecurity Attorney Squire Patton Boggs Atlanta., GA
Of Counsel

A senior member of our Data Privacy & Cybersecurity Practice Group, Glenn Brown provides business-oriented advice to clients in numerous industries on data privacy and regulatory compliance matters, including regulatory investigations and examinations. He has experience driving privacy and compliance priorities within organizations and providing strategic counsel regarding privacy, compliance and risk to support the growth and success of the business.

Glenn also has deep experience advising clients regarding compliance with many of the US...

Shalin Sood, Squire Patton Boggs Law Firm, Washington DC, Cybersecurity Law Attorney

Shalin “Shawn” Sood is an associate in the Data Privacy & Cybersecurity Practice. Shawn advises clients on a variety of issues, including cybersecurity best practices and risk assessments, incident response programs and cybersecurity compliance. He also assists clients on compliance with the EU General Data Protection Regulation (GDPR) and establishing robust and thorough data privacy programs. He also has experience in representing international businesses in compliance and investigations from federal and state governments.

Lydia de la Torre Data Privacy & Cybersecurity Attorney Squire Patton Boggs Palo Alto, CA
Of Counsel

Lydia de la Torre provides strategic privacy compliance advice related to US and EU privacy, including data protection and cybersecurity law, General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), other state’s privacy and cyber laws, US financial privacy laws, and marketing and advertising compliance, as well as information security. She also represents clients in investigations with an eye toward helping them avoid litigation.

Lydia’s work in-house and with organizations has run the gamut, from pre-IPO start-ups to mature Fortune 500 companies, in a...