October 28, 2020

Volume X, Number 302

Advertisement

October 27, 2020

Subscribe to Latest Legal News and Analysis

October 26, 2020

Subscribe to Latest Legal News and Analysis

Extension to CCPA’s Employment and Business-to-Business Exemption Passes Legislature

On Aug. 30, 2020, the California legislature passed Assembly Bill 1281 (AB-1281), which would extend the exemptions for “employee” information and business-to-business (B2B) transactions from its original expiration date of Jan. 1, 2021, to Jan. 1, 2022, if approved by the governor.

  • Under the “employee” exemption, personal information of consumers within an employment relationship (a job applicant, employee, owner, director, officer, medical staff member, or contractor) is largely exempt from the California Consumer Privacy Act (CCPA) to the extent that the personal information is collected and used within the context of (i) the employment relationship, (ii) having an emergency contact on file, or (iii) administering benefits. However, pursuant to CCPA section 1798.100(b), businesses must still provide notice to these categories of consumers.

  • Under the “B2B” exemption, personal information involved in B2B communications or transactions where the consumer is acting on behalf of a business, and the communications or transactions solely relate to providing or receiving a product or service to or from another business. Businesses must still provide B2B consumers the right to opt out of the sale of their information.

Notwithstanding these exemptions, all personal information collected is still subject to the CCPA’s private right of action for certain security incidents.

Should the California Privacy Rights Act (CPRA) be voted into law on Nov. 3, 2020, AB-1281’s one-year extension will not be operative, as the CPRA extends the expiration date for these exemptions to Jan. 1, 2023, to align with the effectuation of the CPRA. Under either scenario, the exemptions will not expire on Jan. 1, 2021, but if the CPRA is not voted into law, business will only receive a one-year extension of the employee and B2B exemptions, which would be a reprieve for businesses adversely impacted by COVID-19.

©2020 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume X, Number 246
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Gretchen A. Ramos, Lawyer, Greenberg Traurig, Data, Privacy & Cybersecurity,The Cloud,Artificial Intelligence, Big Data
Shareholder

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact that she works in a service industry. Clients appreciate not only her legal skills, but also her direct, no-nonsense approach to client service, including her bullet-pointed emails, snapshot executive summaries, and creativity in finding ways to streamline communications for in-house counsel with dozens of...

415.655.1319
Kate Black Shareholder GT Law Miami SF Data, Privacy & Cybersecurity Life Sciences & Medical Technology IP Technology Licensing & Transactions
Shareholder

Kate Black’s practice focuses on data privacy, information protection, and commercial transactions in consumer technology, digital health, life sciences, and genetics. Kate provides companies with comprehensive, practical strategies for meeting their regulatory obligations while building and maintaining public trust and advancing innovative and emerging models of health care research and delivery. She’s managed every aspect of global privacy programs, including supervising privacy assessments, providing product strategy and counseling, managing complex vendor and partner agreements, and overseeing security policy audits for leading health technology companies. She regularly advises on proposed regulatory and legislative changes that will impact the health technology environment and has been a featured speaker and frequent lecturer on data privacy and cybersecurity, data analytics, digital health, mobile medical applications, and privacy issues related to genetic and health research.

305-579-0500
Tyler Laurence Corporate Attorney Greenberg Traurig
Associate

Tyler J. Laurence is a member of the Corporate Practice in Greenberg Traurig's Miami office. He advises public and private companies on mergers and acquisitions, joint ventures, and corporate governance. Tyler also counsels clients on data privacy, information protection, and transactional IP matters.

305.579.0796
Advertisement
Advertisement