When the California Privacy Rights Act (CPRA) took effect at the start of this year, it introduced general data minimization obligations. With these new requirements, among other tasks, companies will need to continually evaluate their data collection practices and determine the purposes for which data is collected and processed. In a recent Women in Cyber webinar, Alston & Bird partners and in-house counsel at Hitachi Energy and TransUnion offered key considerations for implementation of new CPRA requirements, and discussed the potential regulatory risks for non-compliance. See “CPRA Draft Regulations: Essential Takeaways and 10 Actions to Take Now” (Jul. 13, 2022).