- within Cannabis & Hemp, Real Estate and Construction and Finance and Banking topic(s)
- with readers working within the Business & Consumer Services and Insurance industries
In October, California Governor Gavin Newsom signed into law Assembly Bill 25 (AB 25), which temporarily eases the burden imposed on employers by the sweeping California Consumer Privacy Act of 2018 (CCPA).
Among other things, the CCPA gives consumers the right to know what personal information businesses are collecting and them, as well as the right to have that information deleted. Notably, the CCPA’s broad definition of “consumers” (“a natural person who is a California resident”) would include employees, contractors, and job applicants – categories that are not considered consumers under most data privacy laws.
AB 25 temporarily excludes from most CCPA requirements personal information of employees, contractors, and applicants that is used solely in the employment context. For example, employers will not be required to delete employees’ personal information on request.
Employers should note, however, that this exclusion expires on January 1, 2021, so unless a longer-term legislative fix is in the offing (as has been rumored), employers will only get a temporary reprieve.
Importantly, AB 25 does not relieve employers from all CCPA requirements:
- Employers must still provide privacy notices to employees, contractors, and job applicants informing them of the categories of personal information being collected, and how that information is being used; and
- Employees can still sue if their personal information is compromised due to an employer’s failure to implement reasonable security measures.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
[View Source]