Passed in 2018, the state of California signed into law the California Consumer Privacy Act (CCPA), which went into enforcement beginning on July 1, 2020. This Act protects the privacy rights of California residents residing in the state other than a temporary or transitory purpose and those who resided in the state but are outside of the state for a temporary or transitional purpose. Based on this Act, companies must protect five consumer rights, including the right to:
The CCPA does not apply to certain entities such as government agencies, non-profit companies, or certain small companies that do not satisfy the requirements. Companies will need to provide the following information on their websites, online privacy policies, or other relevant company policies. This information must be updated every 12 months.
Additionally, if a consumer requests information, the company must disclose the requested information. Consumers can request data collected up to 12 months prior to the date of their request, and the company typically has 45 days from the request to provide the requested information.
If a business or entity is in violation of CCPA, they will receive a notification and will have 30 days to correct the violation. If the company does not take steps to achieve compliance, the company can be fined $2,500 per violation. If the violation is deemed willful, the company can be fined $7,500 per violation. Additionally, any consumer affected by a data breach is entitled to damages ranging from $100 to $750 per person.
The California Privacy Rights Act (CPRA) will come into effect in 2023 and will enhance California’s current data privacy laws. This Act does not replace the CCPA but is an addition to the existing laws. The CPRA adds four additional consumer rights to the data privacy rights granted by the CCPA. These rights are the right to:
In addition, it expands or modifies five existing consumer rights. In general, consumer consent takes on a larger role under the CPRA. However, information that is publicly available is not considered under CPRA, including unrestricted information a consumer distributes on social media. The CPRA also grants employees, full-time, contractors, and applicants; the same rights as regular consumers.
All company thresholds established in the CCPA have also been modified in the CPRA. The changes are bolded below:
Commonly controlled entities and joint ventures will be required to comply with CPRA.
One of the most important changes is that companies must inform consumers “at or before the point of collection” as to:
In addition, how companies use consumer information with third parties will be further restricted under CPRA.
If a company or entity fails to adequately protect consumers’ data from unauthorized access such as breaches and theft, it will be easier for consumers to sue. Additionally, the CPRA eliminates the 30-day corrective time companies were afforded under CCPA. Violations involving minors under the age of 16 will now be fined $7,500 per violation. The newly created California Privacy Protection Agency (CPPA) will oversee and have broad jurisdiction of personal data protection.
Privacy laws are constantly evolving. It is important to be compliant with the CCPA and make sure you adhere to CPRA before it takes effect. If you have questions about your data privacy practice and want to see if you are compliant with the CCPA and CPRA, contact us at Whitcomb, Selinsky, P.C. Our expert legal team of data/cybersecurity/privacy specialists will review your current procedures and suggest additional processes as needed.
If you have received a CCPA violation notice, we will examine your violation, advise on corrective actions to resolve your violation, and work with the necessary officials if needed to ensure the violation is rectified. It is our job to know the laws so you can get back to business. If you need legal help with California Privacy Law, call us at (303)-534-1958 or fill out the form below. We are here to help you today.
If you own a business and are actively seeking a government contract or need assistance maintaining an existing government contract, it is essential to have an experienced government procurement attorney who can assist you throughout the process. Government procurement can involve many different types of contracts for goods or services from contractors. Whether you are just getting started in your business and want to learn more about government procurement, or if you need assistance with the complex formal legal process of government procurement and securing a contract, one of our experienced government procurement attorneys can assist you.
Do not hesitate to get in touch with Whitcomb, Selinsky, PC to learn more about the services our firm provides in Colorado, Northern Virginia (just outside Washington, D.C.), and other areas. We are committed to providing experienced and tailored representation to small- and medium-sized business owners.
Our attorneys pride themselves on finishing the job in less time than anticipated and responding to client communications within 24 hours of receiving a call, email, or text. Our team also stays current on the changes in government contracting law, including the regulations and relevant case law. Whitcomb, Selinsky, PC brings the skills, tactical decision making, and discipline each member of our team has learned through professional experiences representing each of our clients — business and individuals alike. We measure our success by the success of our clients. Give us an opportunity to serve you here at Whitcomb, Selinsky, PC. The experienced government procurement attorneys at our firm can begin working with your business today. Contact Whitcomb, Selinsky, PC online or call our offices at 866-476-4558 for more information.
Whitcomb, Selinsky, PC is a full-service law firm serving clients’ diverse legal needs. Our focus is on helping people in their interactions with federal, state, and local governments.