June 17, 2021

Volume XI, Number 168

Advertisement

June 16, 2021

Subscribe to Latest Legal News and Analysis

June 15, 2021

Subscribe to Latest Legal News and Analysis

June 14, 2021

Subscribe to Latest Legal News and Analysis

With all this talk about the CCPA litigation risk, how many CCPA class actions actually got filed in 2020?

The California Consumer Privacy Act provided plaintiffs with a private right of action to pursue statutory damages following data security breaches that impact certain sensitive categories of personal information and are caused by a business’s failure to institute reasonable and appropriate security. Although the CCPA does not permit private suits with respect to alleged violations of the CCPA’s privacy (as opposed to security) provisions, the lack of a specified private right of action has not deterred some plaintiffs from filing suit.

During 2020, 73 class actions were filed in, or removed to, federal court and referenced either the “CCPA” or the “California Consumer Privacy Act.” Note that this represents only a portion of CCPA-related litigation as it does not include cases brought by individuals outside of the class action mechanism, or cases that were filed in state court and were not removed to a federal forum.

What industry is most at risk for CCPA litigation? Hint: It’s not what you think!

The California Consumer Privacy Act provided plaintiffs with a private right of action to pursue statutory damages following data security breaches that impact certain sensitive categories of information and are caused by a business’s failure to institute reasonable and appropriate security. Although the CCPA does not permit private suits with respect to alleged violations of the CCPA’s privacy (as opposed to security) provisions, the lack of a specified private right of action has not deterred some plaintiffs from filing suit. Based upon a review of federal class actions filed in 2020 that referenced either “CCPA” or “California Consumer Privacy Act,” plaintiffs focused most heavily on bringing CCPA-related lawsuits against the health care and health services industries. Indeed, nearly one in five class actions was filed against a health care-related company.

©2021 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume XI, Number 125
Advertisement
Advertisement
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement
Advertisement

About this Author

David A. Zetoony Privacy Attorney Greenberg Traurig
Shareholder

David Zetoony, Co-Chair of the firm's U.S. Data, Privacy and Cybersecurity Practice, focuses on helping businesses navigate data privacy and cyber security laws from a practical standpoint. David has helped hundreds of companies establish and maintain ongoing privacy and security programs, and he has defended corporate privacy and security practices in investigations initiated by the Federal Trade Commission, and other data privacy and security regulatory agencies around the world, as well as in class action litigation. 

David receives regular recognitions from clients and peers for...

303.685.7425
Jena M. Valdetero Cybersecurity Lawyer Greenberg Traurig Law Firm
Shareholder

Jena M. Valdetero serves as Co-Chair of the firm’s U.S. Data, Privacy and Cybersecurity Practice where she advises clients on complex data privacy and security issues. She has led more than 1,000 data breach investigations. A litigator by background, Jena defends companies against privacy and data breach litigation, with an emphasis on class action lawsuits. She has designed and conducted dozens of data breach tabletop exercises to empower clients to respond effectively to a data security incident. She also counsels companies on data privacy and security compliance programs and advises on...

312.456.1025
Sarah Schenker Data Privacy Lawyer Greenberg Traurig Law Firm
Associate

Sarah Schenker advises clients on matters relating to data privacy and cybersecurity issues, including compliance with emerging and existing data privacy laws and data breach response.

Concentrations

  • Drafting policies, procedures, and training materials related to data privacy and security compliance

  • Advising on data security incidents

312.456.1010
Advertisement
Advertisement