The California Consumer Privacy Act (CCPA) took effect Jan. 1. As has been well documented, the statute provides consumers with certain rights regarding their personal information, including the right to know whether businesses are collecting such information and how it is being used, the right to request deletion of such information, and the right to opt out of the sale of such information to third parties.
The CCPA also includes what was supposed to be a limited private right of action that permits consumers to recover up to $750 in statutory damages per incident when certain types of personal information are exposed in connection with a data breach. Perhaps unsurprisingly, this private right of action has already spawned dozens of class actions in California state and federal courts. These suits shed light on the various ways plaintiffs are testing the boundaries of the CCPA and its private right of action. Several categories of boundary-testing CCPA lawsuits are discussed below.
CCPA Lawsuits Premised on Violations of the Statutory Notice and Opt-Out Provisions
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]