Skip to main content
close search
site logo

California privacy agency launches first enforcement sweep

The California Privacy Protection Agency, which gained enforcement powers July 1, said it is reviewing the data privacy practices of connected vehicle manufacturers.

Published Aug. 2, 2023
Lyle Moran's headshot
Lyle Moran Reporter
Intelligent vehicle cockpit and wireless communication network concept
Intelligent vehicle cockpit and wireless communication network concept metamorworks via Getty Images

The California Privacy Protection Agency recently announced that its Enforcement Division is reviewing the data privacy practices of manufacturers that produce Internet-connected vehicles.

This is CPPA’s first publicly announced enforcement sweep, an agency spokesperson confirmed, and it will be conducted under the California Consumer Privacy Act.

Connected vehicles, also known as CVs, can communicate bidirectionally with other systems outside of the cars. The privacy agency highlighted that these cars typically have several key features, including location sharing, web-based entertainment, smartphone integration and cameras.

“Data privacy considerations are critical because these vehicles often automatically gather consumers’ locations, personal preferences, and details about their daily lives,” the agency said in its announcement.

Overall, there are more than 35 million vehicles registered in California, the privacy agency said.

“Modern vehicles are effectively connected computers on wheels,” said Ashkan Soltani, CPPA’s executive director. “They’re able to collect a wealth of information via built-in apps, sensors, and cameras, which can monitor people both inside and near the vehicle.”

Our Enforcement Division is making inquiries into the connected vehicle space to understand how these companies are complying with California law when they collect and use consumers’ data,” Soltani continued. 

The agency also said it is looking into the data privacy practices of “related CV technologies.”

The California privacy agency was created following voters’ passage of Proposition 24 in 2020. On July 1 CPPA began exercising its power to administratively enforce the landmark California Consumer Privacy Act, known as CCPA.

Just before those powers kicked in, a state court judge issued an opinion preventing the agency from enforcing some new regulations that recently went into effect.

However, Soltani said his agency was pleased the court “held that significant portions of Prop 24’s privacy protections” remained enforceable beginning at the start of last month. 

The California Attorney General’s Office also can enforce CCPA, and it has publicly highlighted some of its enforcement efforts.

For example, AG Rob Bonta recently announced his office has launched an investigative sweep to examine how employers are complying with newer elements of California’s data privacy law.

The AG noted in a press release that starting this past Jan. 1, businesses must now comply with CCPA’s privacy protections in their handling of employee data.

Bonta’s office has conducted prior enforcement sweeps as well, including one of online retailers that resulted in a well-publicized settlement with Sephora.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Trellis Launches Trellis AI to Revolutionize Trial Court Litigation
From Trellis
November 19, 2024
Breaches and Bots: Law Firms Face a Trust Crisis with Clients, New Integris Survey Reveals
From Integris
November 18, 2024
ContractCrab Launches AI Contract Review for In-House Legal Teams
From ContractCrab
November 14, 2024
Editors' picks
Latest in Compliance
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell