Counsel For Navigating The California Consumer Privacy Act (CCPA)
From A Perspective That Knows Business
The California Consumer Privacy Act (CCPA) (as amended by the California Privacy Rights Act [CPRA]) is a wide-ranging privacy and data protection law with compliance consequences for a broad line of business types. Like the European Union’s GDPR, the CCPA is extraterritorial in scope and applies to many companies not physically located in California. Enacted in 2018 and in effect from a compliance perspective since 2020, the CCPA imposes requirements that include specific privacy notices, such as via a privacy policy, implementation of data processing agreements (DPAs) with service providers, among others, honoring privacy rights of consumers, and conducting impact assessments.
The CCPA is enforced by the California Attorney General as well as subsequent enforcement authority as per the CPRA by the California Privacy Protection Agency (CPPA). So far, we have seen a variety of enforcement actions, ranging from warnings to fines, including those against this popular makeup retailer and a food delivery platform.
At RICHT, we provide clients with a full suite of legal services to comply with the CCPA and avoid regulatory enforcement and private actions. Our approach takes a business-first perspective that understands business relatives as well as goals and aims to fuse compliance and risk mitigation within those confines.
CCPA Law Services We Offer
CCPA Compliant Privacy Policies
Data Processing Agreements
Compliance With CCPA Privacy Rights
Data Privacy Assessments
Data Sale Analysis
Opt-Out/Opt-In Compliance
California AG Settles With DoorDash Over Selling Consumer Data Without Notice
The food delivery service company DoorDash settled charges with California’s attorney general after state authorities alleged the company sold consumers’ personal information without notice and without giving them a chance to opt out, both violations of California’s strict consumer privacy law.
California Attorney General Issues CCPA Violation Notices To Streaming Services
California Attorney General Rob Bonta announced his office is issuing notices to streaming service providers for their alleged violations of the California Consumer Privacy Act. The letters specifically address the streaming service providers’ level of compliance for offering users easy opt-out mechanisms for the sale of their personal data.
California Attorney General Announces First CCPA Enforcement Action
California Attorney General Rob Bonta announced the first enforcement action under the CCPA, a $1.2 million settlement with multinational retailer Sephora over violations of the law’s “Do Not Sell” provisions.
Top-10 Takeaways From The California AG’s CCPA Enforcement Case Examples
In July, the office of the attorney general of California marked the one-year anniversary of its enforcement of the California Consumer Privacy Act by issuing a press release to tout its “successful enforcement efforts.”