Potentially Expanded Private Right of Action Increases Risk of Class Action Exposure Under the California Consumer Privacy Act
With the January 1, 2020 implementation date of the California Consumer Privacy Act (“CCPA” or “Act”) fast approaching, businesses should start thinking not only about the steps toward compliance, but also the risks associated with non-compliance. Particularly in light of the introduction of SB 561, which, if passed, would expand the private right of action to include all violations of the CCPA, as opposed to merely data breaches, businesses face an increasingly steep risk of class action exposure.
In this article, we help navigate this elevated risk profile, summarizing the Act’s main provisions, its interaction with regulations in key U.S. industries, the impact of proposed amendments, and the specter of class actions. In particular, we note the potentially catastrophic statutory damages that attend even relatively small data breaches, and remark the unforeseen, injurious consequences of class action waivers and weaponization of unfair competition prohibitions by enterprising plaintiff’s lawyers. In this way, we hope to help businesses anticipate and defend against the high risks associated with the CCPA.
To get ahead of CCPA compliance and how the Act impacts your industry, read our full article here.