iDon’t wait to implement your California Consumer Privacy Act (CCPA) compliance. California’s new privacy law goes into effect January 1, 2020. Although California attorney general enforcement is not expected until at least July 1, 2020, consumer lawsuits for violations of CCPA could start in early 2020 based on CCPA’s 12-month look back. CCPA can apply to businesses even if they do not have offices or employees in California. It can also reach activities conducted outside of California. See our prior alert here to see if CCPA applies to your business.
A pending amendment to CCPA could broaden consumers’ ability to sue for any violation of CCPA (and not just data breach related incidents). Under CCPA as currently passed, consumer plaintiffs are entitled to statutory damages. This means they don’t have to prove damages, only a CCPA violation to recover damages. Most privacy lawsuits lose because damages can’t be proven. CCPA has the potential to change privacy litigation as we know it.
Do you know what California consumers can demand from your business under CCPA? Consider that “consumers” is broadly defined as a natural person resident in California for other than a transitory purpose and could include customers, employees, business contacts and others
(Click to enlarge charts)
A business cannot discriminate in service or price offered to consumers who exercise their privacy rights under CCPA though some price, quality or service differences are possible under CCPA. This overview is not a substitute for considering CCPA and its requirements in their entirety.
