SACRAMENTO, Calif.—An updated set of proposed regulations to implement the California Consumer Privacy Act (CCPA), which took effect Jan. 1, has been released by the California Department of Justice.
As CUToday.info has reported, the state has yet to finalize regulatory requirements on how to comply with the law; enforcement of the CCPA is not expected to begin until July.
The changes made in the second set of proposed regulations are primarily to clarify certain provisions, though it does remove the requirement for companies to provide a standardized opt-out button for consumers. Credit unions interested in commenting on the updated proposal can do so until March 27, NAFCU said.
NAFCU noted it has urged the California attorney general to exempt credit unions from the state's privacy law as the industry already complies with the federal Gramm-Leach-Bliley Act (GLBA) for consumer data security and privacy.
NAFCU President and CEO Dan Berger has asked CFPB Director Kathy Kraninger, who also leads the Federal Financial Institutions Examination Council (FFIEC), to provide interagency guidance related to the GLBA to help credit unions and other financial institutions comply with data privacy laws to ensure credit unions are not unnecessarily burdened by conflicting state laws.