September 19, 2020

Volume X, Number 263

September 18, 2020

Subscribe to Latest Legal News and Analysis

September 17, 2020

Subscribe to Latest Legal News and Analysis

CCPA Enforcement Looms

We have previously alerted our readers about the California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020. CCPA is one of the strictest consumer privacy laws in the U.S. and is broadly applicable [view related posts].

Although CCPA went into effect on January 1, 2020, enforcement by the California Attorney General does not start until July 1, 2020—next week. A coalition of 60 businesses have requested that Attorney General Xavier Becerra (AG) delay enforcement another six months to give businesses more time to put compliance programs in place, particularly in the face of the coronavirus, but the AG is committed to commencing enforcement next week.

According to the AG, “CCPA has been in effect since January 1, 2020. We’re committed to enforcing the law starting July 1. We encourage businesses to be particularly mindful of data security in this time of emergency.”

Data security is a key component of CCPA, which provides a private right of action for individuals to pursue against a company in the wake of a security incident, if, with proper notice and an opportunity to cure, individuals can show that the business did not have adequate security protocols and measures in place at the time of the security incident.

It’s not too late to develop and implement a CCPA Compliance Program, but businesses are running out of time if they haven’t started.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume X, Number 177


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...