CPRA for Financial Institutions – Last Minute Updates


Although subject to sector-specific state and federal privacy laws, financial institutions are not completely exempt from the California Privacy Rights Act (CPRA). Effective on January 1, 2023, the law introduces extensive new compliance obligations, such as on data governance, the processing of sensitive personal information, cross-context behavioral advertising, and vendor management. This session explores the CPRA’s scope of application, summarizes key requirements and provides an update on the status of the CPRA Regulations by the California Privacy Protection Agency. 

Vincent Schroder
Of Counsel​
Morrison & Foerster