On July 1, 2020, the California State Attorney General (“AG”) began enforcement action against businesses that it believes have violated the California Consumer Privacy Act (“CCPA”). In anticipation of the July 1 deadline, it was unclear how the AG would prioritize CCPA enforcement. It was thought that the AG would target the largest businesses for CCPA violations in order to set an example for those companies (large and small) that meet the CCPA thresholds. In reality, the AG has shown no discretion with respect to CCPA enforcement and has sent notices of alleged violation to a large swath of businesses that it believes have not complied with the CCPA.
What do these notices allege and how should you respond to them?
CCPA Enforcement Notices
Responding to Notices
Please note that fraudulent notices have been sent by scam artists for purposes of scaring businesses into paying money. As such, businesses should first confirm with the AG that the notices that they receive are valid before responding to them. Businesses should respond to valid notices via email to firstname.lastname@example.org within thirty (30) days of notice receipt. The responses should describe all actions that have taken in order to come into full compliance with the CCPA. Failure to respond and cure the alleged violations may lead to imposition of the above civil penalties.
If your business has received a notice of alleged noncompliance, or if you require general assistance with implementing CCPA compliance measures, please email us at email@example.com, or call us at (212) 246-0900.
The material contained herein is provided for informational purposes only and is not legal advice, nor is it a substitute for obtaining legal advice from an attorney. Each situation is unique, and you should not act or rely on any information contained herein without seeking the advice of an experienced attorney.
Related Blog Posts: