Compliance Glossary

Since its initial implementation in 2018, the California Consumer Privacy Act has undergone a December 2020: The fourth iteration defined offline interaction requirements and reinstated the opt-out button. 

1. In February 2020, revised laws made it clear that loyalty programs would not be viewed as discriminatory and included the idea of an opt-out button
2. The ability to place an opt-out button next to a “Do Not Sell” link and the ban on pre-selecting opt-in options were eliminated in a second round of changes, in March 2020
3. The final CCPA regulations were authorized by the Office of Administrative Law, in August 2020. Among the revisions were the removal of the need for express agreement for using personal information for purposes that materially differ from one another.
4. A third series of changes defined rules for companies handling the personal information of children and included guidelines on opt-out notifications in physical establishments. 
5. In December 2020, the fourth iteration defined offline interaction requirements and reinstated the opt-out button. 
6. Additional regulations banned “dark patterns” that obscure the opt-out process and clarified rules for authorized agents.
7. The California Privacy Protection Agency (CPPA) released draft regulations addressing enforcement, audit rights, and updated CCPA terminology. Subsequent revisions clarified rules on third-party data collection, sensitive data usage, and opt-out preference signals.

These amendments reflect the ongoing effort to balance privacy rights with business practicalities.