top

  Info

  • Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.

  Info

  • Utilizzare questo link per rimuovere la selezione effettuata.
The Desk Reference Companion to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) / / David A. Zetoony
The Desk Reference Companion to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) / / David A. Zetoony
Autore Zetoony David
Pubbl/distr/stampa Chicago, Illinois : , : American Bar Association, , [2021]
Descrizione fisica 1 online resource (494 pages)
Disciplina 342.7940858
Soggetto topico Data protection - Law and legislation - California
Consumer protection - Law and legislation - California
Privacy, Right of - California
ISBN 1-64105-977-X
Formato Materiale a stampa
Livello bibliografico Monografia
Lingua di pubblicazione eng
Nota di contenuto Intro -- Title Page -- Copyright Page -- Contents -- About the author -- Notes on Citations and References -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: History and Structure -- Q1. What was the Consumer Right to Privacy Act or "CRPA"? -- Q2. What is the California Consumer Privacy Act or "CCPA"? -- Q3. When was the CCPA enacted? -- Q4. When did the CCPA become operative (i.e., go into effect)? -- Q5. When did the CCPA become enforceable? -- Q6. What is the California Privacy Rights Act or "CPRA"? -- Q7. Is the CPRA the same thing as Proposition 24? -- Q8. When will the CPRA become operative (i.e., go into effect)? -- Q9. When will the CPRA become enforceable? -- Q10. What additional rights does the CPRA grantto California consumers? -- Chapter 2: General Concepts -- Personal Information -- Q11. What is personal information? -- Q12. What types of information may qualify as personal information? -- Q13. Did the CCPA incorporate definitions of personal information found elsewhere in the California Code? -- Q14. Does the CPRA enlarge the list of data types that may qualify as personal information? -- Q15. Is the CCPA's definition of personal information the same as the European GDPR's definition of personal data? -- Q16. Does the CCPA use the term "personal data"? -- Q17. Does the term "personal information" mean the same thing as the term "personally identifiable information"? -- Q18. Does the term "personal information" mean the same thing as the term "personally-identified information"? -- Q19. Does the term "personal information" mean the same thing under the privacy laws of other states? -- Q20. Does the term "personal information" include information that a business obtains from government records? -- Q21. What constitutes publicly available information under the CCPA?.
Q22. What constitutes publicly available information under the CPRA? -- Q23. Are work email addresses and business contact information governed by the CCPA? -- Q24. Does the CCPA apply to paper records? -- Q25. Is an IP address considered personal information? -- Q26. Is data that has undergone hashing considered personal information? -- Q27. Is data that has undergone salted-hashing considered "personal information"? -- Q28. Is a token considered "personal information"? -- Q29. Is encrypted data considered "personal information"? -- Q30. Does the CCPA apply to information about businesses? -- Q31. Is the CCPA's definition of "biometric information" broader than the definition used by other states? -- Aggregate and Deidentified Information -- Q32. Is aggregated or deidentified information considered personal information? -- Q33. What qualifies as aggregate consumer information? -- Q34. What qualifies as deidentified information? -- Q35. Is deidentified information the same as aggregated information? -- Q36. Does the CCPA adopt a specific standard for deidentifying information? -- Q37. What is the difference between the CCPA's deidentification standard and the GDPR's anonymization standard? -- Pseudonymization -- Q38. What is pseudonymized data? -- Sensitive Personal Information -- Q39. Does the CCPA treat some types of personal information as more "sensitive" than others? -- Q40. Did the CPRA create a new category of "sensitive personal information"? -- Q41. If information is publicly available, is it still considered sensitive personal information? -- Q42. What rights does the CPRA provide for sensitive category data? -- Businesses Covered by the Statute -- Q43. What is a "business"? -- Q44. Does the 25 million threshold to be considered a business refer to revenue generated in the state of California or revenue generated worldwide?.
Q45. Does the CCPA apply to non-profits? -- Q46. Are some non-profit entities, such as credit unions, covered by the CCPA? -- Q47. Does the CCPA apply to government agencies? -- Q48. Does an organization need to be "established" in the United States for the CCPA to apply? -- Q49. If a company is based in California, does the CCPA apply to all data processed by the company? -- Q50. What does it mean to "do business" in California? -- Q51. If a company has California employees, is it subject to the CCPA? -- Q52. Can the CCPA apply to a company that has no employees or offices in California? -- Q53. What is the "unified business provision" and the "affiliate exception"? -- Q54. Can corporate affiliates that share common branding choose whether they want to be considered a unified "business" under the CCPA? -- Q55. Are corporate affiliates that use common branding inherently under common "control" for purposes of the CCPA? -- Q56. How do you compute the number of persons, devices, or households when determining whether an entity meets the de minimis threshold to be considered a business? -- Q57. If a company that is not subject to the CCPA acquires a business that is subject to the CCPA, can the acquisition "infect" the data of the first company? -- Q58. Does the CCPA have "controllers" and "processors"? -- Consumers -- Q59. What is a "consumer"? -- Q60. Does the CCPA apply only to consumers that are residents of California? -- Processing -- Q61. What activities count as "processing"? -- Selling -- Q62. What does it mean to "sell" personal information? -- Q63. What constitutes "valuable consideration" for the purposes of determining if personal information has been sold? -- Q64. Are all transfers for valuable consideration sales? -- Sharing -- Q65. What does it mean to "share" personal information? -- Q66. What is "cross-context behavioral advertising"?.
Q67. Does a company share personal information when it provides information to a company that is not involved in AdTech? -- Service Providers -- Q68. What is a service provider? -- Q69. Is a service provider the same thing as a processor? -- Contractors -- Q70. What is the difference between a "contractor" and an "independent contractor"? -- Q71. What is the difference between a "contractor" and a "service provider"? -- Q72. Does the CPRA impose different rights or obligations upon contractors as opposed to service providers? -- Chapter 3: General Compliance Issues -- Compliance Programs -- Q73. What are the core requirements imposed by the CCPA on businesses? -- Q74. What additional requirements will be imposed upon businesses by the CPRA? -- Q75. What types of compliance documents should businesses consider? -- Q76. What are the core requirements imposed by the CCPA on service providers? -- Q77. Did the regulations implementing the CCPA impose additional requirements on service providers? -- Q78. Does the CPRA impose additional requirements on service providers? -- Q79. What types of documents, policies, procedures, and protocols should service providers consider putting in place to comply with the CCPA? -- Permissible Uses of Personal Information -- Q80. Are businesses required to have a "lawful basis" or a "permissible purpose" to process personal information under the CCPA? -- Q81. Are companies generally required to get opt-in consent before using personal information? -- Q82. Are businesses required to get opt-in consent to conduct email marketing? -- Permissible Uses of Sensitive Personal Information -- Q83. Does a business have to get opt-in consent from consumers before collecting their sensitive personal information? -- Q84. Do consumers have a right to object to a business's continuing use of their sensitive personal information?.
Q85. Is the CPRA's right to object to the continued use of sensitive personal information an absolute right? -- Q86. Under the CPRA, will a consumer be able to object to a company using sensitive personal information for behavioral or targeted advertising? -- Q87. Under the CPRA, will a consumer be able to object to a company sharing sensitive personal information with AdTech companies for their use in constructing a consumer profile? -- Q88. Will all companies be required to post a "Limit the Use of My Sensitive Personal Information" link on their homepages? -- Data Minimization -- Q89. Will the CPRA require data minimization with regard to the storage of information? -- Q90. Will the CPRA require data minimization with regard to the collection and use of information? -- Q91. Will the CPRA require publishing the data retention period that applies to personal information? -- Notice at Collection -- Q92. What is a notice at collection? -- Q93. Does a business have to provide a notice at collection to a consumer if the business does not collect information directly from them? -- Q94. Can a business's privacy notice and notice at collection be the same document? -- Q95. Can a service provider provide a notice at collection on behalf of a business? -- Q96. When a business collects personal information over the phone, can it satisfy the requirement to give a notice at collection by directing consumers to an online notice? -- Q97. When a business collects personal information offline, can it satisfy the requirement to give a notice at collection by including a sign that directs consumers to an online notice? -- Q98. Does a business have to translate a notice at collection into languages other than English?.
Q99. If a business does not identify a specific use for information in a notice at collection, is it prohibited from using information in that manner?.
Record Nr. UNINA-9910788399303321
Zetoony David  
Chicago, Illinois : , : American Bar Association, , [2021]
Materiale a stampa
Lo trovi qui: Univ. Federico II
Opac: Controlla la disponibilità qui
The Desk Reference Companion to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) / / David A. Zetoony
The Desk Reference Companion to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) / / David A. Zetoony
Autore Zetoony David
Pubbl/distr/stampa Chicago, Illinois : , : American Bar Association, , [2021]
Descrizione fisica 1 online resource (494 pages)
Disciplina 342.7940858
Soggetto topico Data protection - Law and legislation - California
Consumer protection - Law and legislation - California
Privacy, Right of - California
ISBN 1-64105-977-X
Formato Materiale a stampa
Livello bibliografico Monografia
Lingua di pubblicazione eng
Nota di contenuto Intro -- Title Page -- Copyright Page -- Contents -- About the author -- Notes on Citations and References -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: History and Structure -- Q1. What was the Consumer Right to Privacy Act or "CRPA"? -- Q2. What is the California Consumer Privacy Act or "CCPA"? -- Q3. When was the CCPA enacted? -- Q4. When did the CCPA become operative (i.e., go into effect)? -- Q5. When did the CCPA become enforceable? -- Q6. What is the California Privacy Rights Act or "CPRA"? -- Q7. Is the CPRA the same thing as Proposition 24? -- Q8. When will the CPRA become operative (i.e., go into effect)? -- Q9. When will the CPRA become enforceable? -- Q10. What additional rights does the CPRA grantto California consumers? -- Chapter 2: General Concepts -- Personal Information -- Q11. What is personal information? -- Q12. What types of information may qualify as personal information? -- Q13. Did the CCPA incorporate definitions of personal information found elsewhere in the California Code? -- Q14. Does the CPRA enlarge the list of data types that may qualify as personal information? -- Q15. Is the CCPA's definition of personal information the same as the European GDPR's definition of personal data? -- Q16. Does the CCPA use the term "personal data"? -- Q17. Does the term "personal information" mean the same thing as the term "personally identifiable information"? -- Q18. Does the term "personal information" mean the same thing as the term "personally-identified information"? -- Q19. Does the term "personal information" mean the same thing under the privacy laws of other states? -- Q20. Does the term "personal information" include information that a business obtains from government records? -- Q21. What constitutes publicly available information under the CCPA?.
Q22. What constitutes publicly available information under the CPRA? -- Q23. Are work email addresses and business contact information governed by the CCPA? -- Q24. Does the CCPA apply to paper records? -- Q25. Is an IP address considered personal information? -- Q26. Is data that has undergone hashing considered personal information? -- Q27. Is data that has undergone salted-hashing considered "personal information"? -- Q28. Is a token considered "personal information"? -- Q29. Is encrypted data considered "personal information"? -- Q30. Does the CCPA apply to information about businesses? -- Q31. Is the CCPA's definition of "biometric information" broader than the definition used by other states? -- Aggregate and Deidentified Information -- Q32. Is aggregated or deidentified information considered personal information? -- Q33. What qualifies as aggregate consumer information? -- Q34. What qualifies as deidentified information? -- Q35. Is deidentified information the same as aggregated information? -- Q36. Does the CCPA adopt a specific standard for deidentifying information? -- Q37. What is the difference between the CCPA's deidentification standard and the GDPR's anonymization standard? -- Pseudonymization -- Q38. What is pseudonymized data? -- Sensitive Personal Information -- Q39. Does the CCPA treat some types of personal information as more "sensitive" than others? -- Q40. Did the CPRA create a new category of "sensitive personal information"? -- Q41. If information is publicly available, is it still considered sensitive personal information? -- Q42. What rights does the CPRA provide for sensitive category data? -- Businesses Covered by the Statute -- Q43. What is a "business"? -- Q44. Does the 25 million threshold to be considered a business refer to revenue generated in the state of California or revenue generated worldwide?.
Q45. Does the CCPA apply to non-profits? -- Q46. Are some non-profit entities, such as credit unions, covered by the CCPA? -- Q47. Does the CCPA apply to government agencies? -- Q48. Does an organization need to be "established" in the United States for the CCPA to apply? -- Q49. If a company is based in California, does the CCPA apply to all data processed by the company? -- Q50. What does it mean to "do business" in California? -- Q51. If a company has California employees, is it subject to the CCPA? -- Q52. Can the CCPA apply to a company that has no employees or offices in California? -- Q53. What is the "unified business provision" and the "affiliate exception"? -- Q54. Can corporate affiliates that share common branding choose whether they want to be considered a unified "business" under the CCPA? -- Q55. Are corporate affiliates that use common branding inherently under common "control" for purposes of the CCPA? -- Q56. How do you compute the number of persons, devices, or households when determining whether an entity meets the de minimis threshold to be considered a business? -- Q57. If a company that is not subject to the CCPA acquires a business that is subject to the CCPA, can the acquisition "infect" the data of the first company? -- Q58. Does the CCPA have "controllers" and "processors"? -- Consumers -- Q59. What is a "consumer"? -- Q60. Does the CCPA apply only to consumers that are residents of California? -- Processing -- Q61. What activities count as "processing"? -- Selling -- Q62. What does it mean to "sell" personal information? -- Q63. What constitutes "valuable consideration" for the purposes of determining if personal information has been sold? -- Q64. Are all transfers for valuable consideration sales? -- Sharing -- Q65. What does it mean to "share" personal information? -- Q66. What is "cross-context behavioral advertising"?.
Q67. Does a company share personal information when it provides information to a company that is not involved in AdTech? -- Service Providers -- Q68. What is a service provider? -- Q69. Is a service provider the same thing as a processor? -- Contractors -- Q70. What is the difference between a "contractor" and an "independent contractor"? -- Q71. What is the difference between a "contractor" and a "service provider"? -- Q72. Does the CPRA impose different rights or obligations upon contractors as opposed to service providers? -- Chapter 3: General Compliance Issues -- Compliance Programs -- Q73. What are the core requirements imposed by the CCPA on businesses? -- Q74. What additional requirements will be imposed upon businesses by the CPRA? -- Q75. What types of compliance documents should businesses consider? -- Q76. What are the core requirements imposed by the CCPA on service providers? -- Q77. Did the regulations implementing the CCPA impose additional requirements on service providers? -- Q78. Does the CPRA impose additional requirements on service providers? -- Q79. What types of documents, policies, procedures, and protocols should service providers consider putting in place to comply with the CCPA? -- Permissible Uses of Personal Information -- Q80. Are businesses required to have a "lawful basis" or a "permissible purpose" to process personal information under the CCPA? -- Q81. Are companies generally required to get opt-in consent before using personal information? -- Q82. Are businesses required to get opt-in consent to conduct email marketing? -- Permissible Uses of Sensitive Personal Information -- Q83. Does a business have to get opt-in consent from consumers before collecting their sensitive personal information? -- Q84. Do consumers have a right to object to a business's continuing use of their sensitive personal information?.
Q85. Is the CPRA's right to object to the continued use of sensitive personal information an absolute right? -- Q86. Under the CPRA, will a consumer be able to object to a company using sensitive personal information for behavioral or targeted advertising? -- Q87. Under the CPRA, will a consumer be able to object to a company sharing sensitive personal information with AdTech companies for their use in constructing a consumer profile? -- Q88. Will all companies be required to post a "Limit the Use of My Sensitive Personal Information" link on their homepages? -- Data Minimization -- Q89. Will the CPRA require data minimization with regard to the storage of information? -- Q90. Will the CPRA require data minimization with regard to the collection and use of information? -- Q91. Will the CPRA require publishing the data retention period that applies to personal information? -- Notice at Collection -- Q92. What is a notice at collection? -- Q93. Does a business have to provide a notice at collection to a consumer if the business does not collect information directly from them? -- Q94. Can a business's privacy notice and notice at collection be the same document? -- Q95. Can a service provider provide a notice at collection on behalf of a business? -- Q96. When a business collects personal information over the phone, can it satisfy the requirement to give a notice at collection by directing consumers to an online notice? -- Q97. When a business collects personal information offline, can it satisfy the requirement to give a notice at collection by including a sign that directs consumers to an online notice? -- Q98. Does a business have to translate a notice at collection into languages other than English?.
Q99. If a business does not identify a specific use for information in a notice at collection, is it prohibited from using information in that manner?.
Record Nr. UNINA-9910818262303321
Zetoony David  
Chicago, Illinois : , : American Bar Association, , [2021]
Materiale a stampa
Lo trovi qui: Univ. Federico II
Opac: Controlla la disponibilità qui
The EU general data protection regulation (GDPR) : answers to the most frequently asked questions / / David A. Zetoony
The EU general data protection regulation (GDPR) : answers to the most frequently asked questions / / David A. Zetoony
Autore Zetoony David
Pubbl/distr/stampa Chicago, Illinois : , : American Bar Association, , 2018
Descrizione fisica 1 online resource (344 pages)
Disciplina 343.240999
Soggetto topico Data protection - Law and legislation - European Union countries
Right to be forgotten - European Union countries
ISBN 1-64105-234-1
Formato Materiale a stampa
Livello bibliografico Monografia
Lingua di pubblicazione eng
Nota di contenuto General concepts -- Jurisdiction -- Scope -- Consent and using data -- Privacy policies / Information notices -- An individual's right ot be forgotten -- An individual's right to access their information -- An individuals' right to receive information in a portable format -- An individuals' right to fix their information -- Document retention -- Record keeping -- Governance -- Data security -- Data breaches -- Transferring data outside of the EEA -- Service providers -- Fines -- Finding further guidance -- Specific situations.
Record Nr. UNINA-9910671198403321
Zetoony David  
Chicago, Illinois : , : American Bar Association, , 2018
Materiale a stampa
Lo trovi qui: Univ. Federico II
Opac: Controlla la disponibilità qui