Reasonable Security – Proactive Defense Against CCPA’s Private Right of Action
With the California Consumer Privacy Act (CCPA) effective date of January 1, 2020, fast approaching, businesses subject to California’s new privacy law must come into compliance with a number of new obligations. That burden on businesses comes with an opportunity for plaintiffs’ firms, who will take advantage of CCPA’s private right action—which imposes significant statutory damages—to pursue a wave of new class action litigation. Any business subject to the CCPA, may be held liable if consumers can demonstrate that their personal information was affected by a data breach arising from the business’s failure to implement or maintain “reasonable security.” To prepare for the CCPA, businesses must make assessing and, if necessary, strengthening their information security (IS) programs a top priority to ensure that they provide “reasonable security” to limit the risk of class action litigation.
Join McDermott’s leading privacy and cybersecurity class action team for a webinar that will provide practical advice on how to mitigate litigation exposure. Topics will explore:
What “reasonable security” means
How to implement and maintain an IS program that meets reasonable security standards
How deficiencies in IS can provide fodder for litigation
Best practices in establishing and maintaining legal privilege over IS assessments