Photo of Jessica Gross

Jessica R. Gross is an associate in both the Privacy and Cybersecurity and Labor and Employment Practice Groups in the firm's San Diego office.

California voters resoundingly approved Prop 24, also known as the California Privacy Rights Act (“CPRA”) and CCPA 2.0—yet again shaking up California’s privacy laws and making California the epicenter for digital privacy rights in the United States. This article answers questions about how the CPRA changes existing laws and impacts “sensitive personal information” maintained by businesses about their applicants, employees, and independent contractors.
Continue Reading Riding the Privacy Wave: California Privacy Rights Act & Its Impact on Employers

2020 has been a transformative year of everlasting uncertainty and constant change: employee privacy is no exception. California laws impacting employee data are changing yet again. This article highlights what employers need to know about (1) recent amendments to the California Consumer Privacy Act, and (2) what happens if the California Privacy Rights Act is approved by voters on November 3, 2020.
Continue Reading The Only Constant Is Change: How Evolving Privacy Laws Impact Employers

On September 17, 2020, Governor Newsom signed Assembly Bill (AB) 685 into law, establishing new requirements for employers to notify employees and their unions about a potential COVID-19 exposure in the workplace.  The new law, which will be in effect from January 1, 2021, until January 1, 2023, also requires employers to report a COVID-19 “outbreak” at the worksite to local health authorities.  Further, AB 685 relaxes the pre-citation requirements that the Division of Occupational Safety and Health (“Cal/OSHA”) must follow before issuing a citation for a serious violation related to COVID-19.  This article breaks down the various requirements of the new law and identifies potential complications or issues that employers should be aware of when attempting to comply with the new requirements.
Continue Reading Enactment of AB 685 Establishes COVID-19 Exposure Notice Requirements for California Employers and Cal/OSHA Enforcement Changes

Our proximity and “close contact” with other humans is on the front lines in the war against coronavirus.  Yet tracking 6 feet of distance from every human we encounter for a 14 day period is nearly impossible without the help of technology like contact-tracing apps.  Although many privacy and employment laws designed to protect employee rights have been temporarily relaxed during the pandemic, employers must consider and resolve employee privacy issues created by contact-tracing apps.  As businesses forge roadmaps to reopen, these apps offer innovative solutions to meet legal requirements imposed by OSHA and Centers for Disease Control.  This article explores what employers need to know about contact-tracing apps including how they work, the laws that govern, the impact to employee privacy, consent, and ways to mitigate risk associated with contact-tracing apps.
Continue Reading Up Close & Personal: Contact-Tracing Apps & Employee Privacy

On October 11, 2019, California Gov. Gavin Newsom signed AB 25 into law, giving employees, applicants, independent contractors, emergency contacts and dependents new rights to privacy. As explained in our previous post—Employee Privacy by Design: Guidance for Employers Beginning to Comply with the California Consumer Privacy Act—the amendment to CCPA is a limited one-year reprieve for employers. Effective January 1, 2020, employers must provide disclosures to employees about the categories of personal information collected and its purpose. One year later, on January 1, 2021, all rights under CCPA will be provided, including the right to request access and the right to be forgotten. Below are a few quick points clarifying what AB 25 means for Human Resources professionals:
Continue Reading Big Bang! California Expands Employee Privacy Rights & Insights from the Office of Attorney General

On September 13, 2019, the California Senate and Assembly unanimously passed an amendment to the California Consumer Privacy Act (“CCPA”) that places onerous obligations on employers and entitles employees to statutory damages for data breaches.  The landmark measure—AB 25—awaits Governor Newsom’s signature (or veto).  Regardless of whether AB 25 is signed into law, CCPA applies to employee data and employers have until January 1, 2020 to comply.  This article explores how the California Consumer Privacy Act impacts existing employee privacy rights and how employers can begin to develop a holistic privacy compliance program.
Continue Reading Employee Privacy by Design: Guidance for Employers Beginning to Comply with the California Consumer Privacy Act