Skip to content

Menu

ChannelsPublishersSubscribe
LexBlog, Inc. logo
LexBlog, Inc. logo
ProductsSub-MenuBlogsPortalsTwentySyndicationMicrositesResource Center
Join
Search
Close
Join the Movement. Blog 4 Good

California’s Landmark Privacy Law Now in Effect

By Jeffrey L. Poston, Paul M. Rosen, Kristin Madigan, Jarno Vanto, Brandon C. Ge & Lee Matheson CIPP/US, CIPP/E, CIPP/A, CIPM on January 23, 2020
EmailTweetLikeLinkedIn

On January 1, 2020, California’s landmark privacy law, the California Consumer Privacy Act (CCPA), took effect. The CCPA imposes various obligations on covered businesses and provides extensive rights to consumers with respect to controlling the collection and use of their personal information. While some companies have largely completed their CCPA compliance efforts, many others are still digesting the CCPA and draft proposed regulations, and taking steps to meet the CCPA’s myriad compliance obligations.

Confusion persists about how businesses can comply with certain provisions of the CCPA. In October 2019, the California Attorney General issued proposed regulations that provide guidance on a number of key areas, but the regulations are not yet final. If adopted, violations of the proposed regulations will be treated the same as violations of the CCPA itself, with the same penalties. We have summarized the proposed regulations in previous alerts:

  • Proposed CCPA Regulations from California Attorney General Just Issued: Part I – An Analysis of Required Consumer Notice
  • Proposed CCPA Regulations from California Attorney General: Part II – An Analysis of Handling Consumer Requests under the CCPA
  • Proposed CCPA Regulations from California Attorney General: Part III – An Analysis of the Requirement to Verify Consumer Requests and Parental Consents
  • Proposed CCPA Regulations from California Attorney General: Part IV – Service Providers & Financial Incentives

Comments on the proposed regulations can be viewed here.

While formal enforcement proceedings by the California Attorney General will not begin until July 1, 2020, it is possible the agency will pursue retroactive enforcement for violations that occur between January 1 and July 1, 2020. The California Attorney General may impose civil penalties of $2,500 for each violation or $7,500 for each intentional violation after notice and a 30-day cure period.

In addition, the CCPA grants California consumers a private right of action and statutory damages of $100 to $750 per incident against companies that experience a data breach caused by failure to implement and maintain reasonable security procedures. Those lawsuits may be filed at any time.

Companies that have not yet completed (or commenced) CCPA compliance efforts should continue (or get started) in an effort to mitigate CCPA risk. Due to “limited resources,” California Attorney General Xavier Becerra has stated the agency will “look kindly on those that … demonstrate an effort to comply.”

* * *

For assistance with CCPA compliance, please contact one of our privacy team members listed below.

Please also check back for additional analysis of forthcoming California Attorney General CCPA updates and final regulations.

Photo of Jeffrey L. Poston Jeffrey L. Poston
Read more about Jeffrey L. PostonEmail
Photo of Paul M. Rosen Paul M. Rosen
Read more about Paul M. RosenEmail
Photo of Kristin Madigan Kristin Madigan
Read more about Kristin MadiganEmail
Photo of Jarno Vanto Jarno Vanto
Read more about Jarno VantoEmail
Photo of Brandon C. Ge Brandon C. Ge

Brandon C. Ge is an associate in Crowell & Moring’s Washington, D.C. office, where he is a member of the firm’s Privacy & Cybersecurity and Health Care groups.

Brandon advises clients on a wide range of privacy and cybersecurity laws, regulations, and standards.

Brandon C. Ge is an associate in Crowell & Moring’s Washington, D.C. office, where he is a member of the firm’s Privacy & Cybersecurity and Health Care groups.

Brandon advises clients on a wide range of privacy and cybersecurity laws, regulations, and standards. His practice has a particular focus on advising clients – from start-up digital health companies to large health plans – on all aspects of compliance with the Health Insurance Portability and Accountability Act (HIPAA). Brandon regularly assists clients with responding to security incidents and has successfully represented clients in Office for Civil Rights investigations.

Read more about Brandon C. GeEmail
Show more Show less
Photo of Lee Matheson CIPP/US, CIPP/E, CIPP/A, CIPM Lee Matheson CIPP/US, CIPP/E, CIPP/A, CIPM
Read more about Lee Matheson CIPP/US, CIPP/E, CIPP/A, CIPMEmail
  • Posted in:
    Corporate & Commercial
  • Blog:
    Retail & Consumer Products Law Observer
  • Organization:
    Crowell & Moring LLP
  • Article: View Original Source

Stay Connected

Facebook LinkedIn Twitter RSS
Real Lawyers

Company

  • About LexBlog
  • Careers
  • Press
  • Contact LexBlog
  • Privacy Policy
  • Editorial Policy
  • Disclaimer
  • Terms of Service
  • RSS Terms of Service

Products

  • Products
  • Blogs
  • Portals
  • Twenty
  • Syndication
  • Microsites

Support

  • 1-800-913-0988
  • Submit a Request
  • Support Center
  • System Status
  • Resource Center

New to the Network

  • DSR Health Law Blog
  • Immigration View
  • Diving Deeper Into Work
  • North Carolina Appellate Practice Blog
  • Allens Insights
Copyright © 2021, LexBlog, Inc. All Rights Reserved.
Powered By LexBlog