Pittsburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
One PPG Place, Suite 1500
Pittsburgh, PA 15222
(412) 566-1212
(412) 594-5619
Directions to Pittsburgh

Harrisburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
300 Corporate Center Drive, Suite 200
Camp Hill, PA 17011
(717) 234-4121
(717) 232-6802
Directions to Harrisburg

New York, NY

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
250 Park Avenue, Suite 1508, 7th Floor
New York, NY 10171
(212) 739-7910
(212) 739-9607
Directions to New York

Foster City, CA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
1098 Foster City Boulevard, Suite 106 #700
Foster City, California 94404
(650)208-2701
Directions to Foster City

Widget Title

  • People
  • Practice Areas
  • News + Insights
    • News
    • Articles
    • Speaking
  • Office Locations
    • Pittsburgh
    • Harrisburg
    • New York
    • Foster City
  • About the Firm
    • Overview
    • Careers
    • Diversity
    • Women@Tucker
    • Affiliations
    • Pro Bono & Community

Title

  • Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Tucker Arensberg, P.C.Tucker Arensberg, P.C.

Attorneys in Pittsburgh, Harrisburg, New York City

  • People
  • Practice Areas
  • News + Insights
  • About Our Firm
  • COVID 19: Answers to Business Challenges
ShareBookmarkPDF

Enforcement begins under the California Consumer Privacy Act

Articles, Privacy, Technology and Data Security July 13, 2020

Maribeth Thomas mthomas@tuckelaw.com 412 566-3949

July 1st marked the beginning of the enforcement of the California Consumer Privacy Act (the “CCPA”).  Despite the fact that a final version of the regulation has yet to be codified, California Attorney General Xavier Becerra announced on June 30, 2020 that his Office would begin to enforce the CCPA the next day.

On June 1, Becerra submitted a draft resolution to California’s Office of Administrative Law for final approval.  The draft resolution provided guidance as to how the Attorney General’s Office would interpret the CCPA and how an organization can comply with its requirements.  It is believed that, once the final regulations are approved, enforcement of the CCPA will be retroactive to January 1, 2020.

The CCPA was signed into law on June 28, 2018 and became effective on January 1, 2020.  At that time, Becerra made clear that his Office would not take action against a non-compliant organization for six months after the CCPA became effective.  Once the CCPA and its regulations are codified, it is expected that its requirements and enforcement will be retroactive to January 1, 2020. 

The CCPA provides California residents with expanded data protection rights, and it applies to businesses—whether located within or outside of California—that have access to the personal data of a California resident.  “Personal data” consists of email addresses, online handles, IP addresses, biometric data, geolocation data, and search histories.  A business must comply with the CCPA if (1) its gross annual revenue is greater than $25 million; (2) it buys, receives, or sells personal information of at least 50,000 consumers, households, or devices; or (3) at least 50% of its revenue comes from selling the personal information of consumers.  An intentional violation of the CCPA could result in penalties up to $7,500 for each violation, and unintentional violations may result in a penalty of up to $2,500.

The CCPA provides California residents with five important rights with respect to their personal data:

  1. Consumers can request that a business provide them with information regarding any personal data that the business has collected, shared or sold, as well as the purpose for such action.
  • Subject to certain exceptions, consumers can request that a business delete any personal information that it collected from them.
  • Consumers can notify a business that it does not have permission to sell their personal information to third parties.
  • To sell the personal information of consumers under the age of 16, their permission is required.  Further, a business must obtain parental consent before selling the personal information of any consumer under the age of 13.
  • Businesses cannot discriminate against consumers that utilize their rights under the CCPA.

In light of the expanded rights provided to consumers by the CCPA, and the substantial fines that could be incurred if those rights are violated, it is imperative that businesses implement measures to ensure that they are compliant with the CCPA.  These measures should include, for example, a review of all vendor contracts, effective training of all employees, and a review of compliance procedures regarding personal data.  For more information or assistance with CCPA compliance, please contact Maribeth Thomas.

Primary Sidebar

Enforcement begins under the California Consumer Privacy Act

Related

People

  • Maribeth Thomas

Practice Areas

  • Intellectual Property
  • Privacy, Data Security & Technology
© 2022 All Rights Reserved|Tucker Arensberg, P.C.|Log in|Powered by Content Pilot
  • Sitemap
  • Disclaimer
  • Privacy Policy