California Court of Appeal Lifts Stay of CCPA Enforcement Deadlines

February 29, 2024

The Case

In a significant ruling on February 9, 2024, the California Court of Appeal reversed a trial court judgment that had stayed enforcement of California Consumer Privacy Act (CCPA) regulations. This decision will make certain CCPA regulations, which a court order had previously stayed, become immediately effective once again.


Why Does This Matter?

The action highlights how new CCPA legislations are forcing a radical rethink for collecting, storing, and deploying personal information. Some of the key concerns highlighted by this and previous actions include:

  • transparency of data breach disclosures

  • multi-factor authentication for email accounts

  • security of cloud-based email accounts, and 

  • the importance of implementing an adequate incident response plan. 


Such heightened regulatory focus underscores the need for fintechs to maintain cybersecurity measures and protect client data.


InnReg's Experience

Since its inception in 2013, InnReg has developed deep expertise in compliance services related to customer data protection and cybersecurity measures as part of its work during FINRA examinations and managing compliance programs for a wide range of fintechs.


Learn More About This Topic

For additional insights, read InnReg’s free Data Protection Compliance Checklist to help you build best practices to meet evolving regulatory requirements.

Subscribe for Compliance Insights

Subscribe for Compliance Insights

Subscribe for Compliance Insights

In mid-February, the FTC announced a proposed settlement to resolve allegations that security software company Avast unfairly sold consumers’ granular and re-identifiable browsing information. This was after Avast informed consumers that its software would protect their privacy and that any disclosure of their browsing information would only be in aggregate and anonymous form.

On March 13, 2024, the European Union’s parliament formally approved the EU AI Act, making it the world’s first major set of regulatory ground rules to govern generative artificial intelligence (AI) technology.

From January 2018 to present, MMA failed to establish, maintain, and enforce a supervisory system, including written supervisory procedures (WSPs), reasonably designed to achieve compliance with rules governing outside business activities (OBAs). During this period, the firm failed to evaluate and document its evaluation of OBAs disclosed by its registered representatives as required by FINRA Rule 3270.

LinkedIn Innreg
X InnReg
Quora Innreg
Blog Innreg

© 2024 InnReg LLC

1101 Brickell Avenue
South Tower, 8th Floor
Miami, FL 33131

LinkedIn Innreg
X InnReg
Quora Innreg
Blog Innreg

© 2024 InnReg LLC

1101 Brickell Avenue
South Tower, 8th Floor
Miami, FL 33131