CCPA Enforcement Begins July 1, 2020 – Violators Already Being Pursued
Financial institutions are down to one week left to update their privacy notices and privacy practices in order to comply with the California Consumer Privacy Act. The CCPA will be enforced by California’s Attorney General starting July 1, 2020 following six months of breathing room since the law took effect January 1, 2020. In addition to the enforcement by California’s AG, private actions for CCPA violations have already been filed against a number of companies – signifying that the law has teeth and noncompliance is being pursued aggressively.
In a previous blog post, we identified the various requirements imposed by the CCPA, many of which are similar to data protections for individuals under the GDPR. Noncompliance can result in a penalty of up to $2,500 per violation ($7,500 per violation if deemed intentional), which can quickly rack up given the number of California clients a financial institution may have.
Final regulations implementing the CCPA were published June 1, 2020 and are available here.
At CSS, we are receiving inquiries from financial firms looking to update their privacy notices ahead of the enforcement date. If you would like assistance in reviewing your privacy practices for CCPA or conducting a data classification assessment, or to inquire about any of our cybersecurity service offerings, please contact our experts at: [email protected].