It’s still somewhat buried in all the other current election noise, but California voters passed a new privacy act this week. It won’t go into effect until 2023, and was pitched as ‘fixing loopholes’ in the existing CCPA (California Consumer Privacy Act) law.
For businesses that already invested in good-faith CCPA and GDPR compliance, most commentators seem to feel that there likely won’t be that much to change (especially because CPRA more closely resembles GDPR than the older CCPA did). And unless/until the US passes a nation-wide law, CPRA is likely to become the de facto standard for the country.
Still, here in California, this new act is not contention-free: while it passed as a ballot initiative, getting to that point has been the long-running, personal mission of a single, wealthy real estate developer from San Francisco named Alastair Mactaggart.
After WWDC, IDFA and SKAdNetwork grabbed most of the data privacy headlines. But Apple will also be introducing new ‘privacy nutrition labels’ containing developer-reported information about the data each app collects and uses.
Apple has been hinting at a questionnaire — there’s no auto-detection mechanism — to collect this info, and now that has finally been made available (it will be required starting December 8).
Note: I don’t actually see the questionnaire yet for the apps in my App Store Connect account, but it’s possible Apple is still in the process of rolling it out to everyone.