CCPA Enforcement Begins Amid Pandemic And Regulatory Uncertainty
Tuesday, July 7, 2020
CCPA enforcement begins amid COVID-19
Print Mail Download i

On July 1, 2020, the office of the California Attorney General (AG) began enforcement of the California Consumer Privacy Act (CCPA).

The CCPA—generally viewed as the broadest digital privacy law in the U.S. which poses significant concerns for practically any business with a website accessible to California consumers—became effective on Jan. 1, 2020. However, after its effective date, CCPA was subject to a six-month ramp-up period, such that enforcement was not to begin until July 1, 2020.

Considering several developments, there were questions as to whether enforcement would begin on July 1, 2020. During the ramp-up period, the California AG issued regulations governing the implementation of the CCPA. Confusingly, those regulations were modified several times. It was not until June 1, 2020, that the California AG finalized the regulations.

The regulations must now undergo a 90-day review by the California Office of Administrative Law, after which their final text will be filed with the California Secretary of State. Only then—around the end of August—will the regulations become enforceable. Thus, while CCPA is itself in effect, the status of its regulation has been a matter of significant procedural uncertainty. In addition to that procedural uncertainty, businesses across the world are also dealing with the 2019 novel coronavirus (COVID-19) pandemic. Understandably, many industry leaders called on the California AG to delay its CCPA enforcement efforts.

We now know that the California AG has rejected those requests and despite the current environment—the pandemic still raging and regulations that are not yet technically effective—began moving ahead with enforcement on July 1, 2020. In an interview with The Washington Post, the California AG confirmed: “For sure we will start enforcing on July 1.” Now, we are seeing reports that enforcement in fact began as promised, with companies receiving compliance notices before the July 4 holiday weekend.

There is only one way to interpret this move by the California AG: businesses cannot wait to ensure compliance with CCPA’s provisions.

What you can do now:

  • Read the law and the still-pending implementing regulations

  • If you haven’t yet, contact an attorney to ensure you’ve taken all possible steps to comply with the CCPA

  • If you receive a compliance notice from the California AG, ensure that you comply with all deadlines and next-step requirements, preferably with the advice of an attorney

Copyright © 2024 Godfrey & Kahn S.C.

Current Legal Analysis

More from Godfrey & Kahn S.C.

Update: NLRB General Counsel Issues Guidance on Confidentiality and Non-Disparagement Provisions in Severance Agreements
by: Peter L. Albrecht
Immigration Roundup February 20 2023
by: Gene T. Schaeffer, Jr.
The Vanishing Safety Zone: DOJ Withdraws Long-Established Healthcare and Information Sharing Guidelines with Far-Reaching Implications
by: Sean O'D. Bosack , Christie B. Carrino
OSHA Issues COVID-19 Emergency Temporary Standard for Health Care Workers and Guidance for All Workplaces
by: Aaron P. McCann
5 Takeaways from EEOC Update to Employer Vaccination Guidance
by: Rebeca M. Lopez , Sarah K. Mueller
As Local Mask Mandates Expire, How Should Employers Respond?
by: Rebeca M. Lopez , Sarah K. Mueller
Attention Hotel Operators: Have You Been Served with an ADA Website Reservation System Lawsuit?
by: Jonathan T. Smies , Matthew J. Stoiber
Indian Nations Law Update - May 2021
by: John L. Clancy , Brian L. Pierson
What’s your vaccination status? Key legal considerations before asking your employees about theirs
by: Paul J. Covaleski , Sarah K. Mueller
Use of Trademarks in the U.S.
by: Nicholas A. Kees , Alexander C. Lemke

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins