In a span of a mere two years, the state of California passed two ballot initiatives dealing with privacy that promise to have an impact on digital health, the second of which created an office specifically for privacy enforcement matters. Eric Goldman, a professor of law at the Santa Clara (California) University School of Law, said on a recent webinar that the state attorney general’s office and the new California Privacy Protection Agency (CPPA) have overlapping jurisdiction, and as a consequence, companies doing business in California may find themselves at the mercy of not one, but two enforcement entities.