By Dean Short
Now is the time for companies to comply with California Consumer Privacy Act of 2018 (CCPA) if you haven’t done so already.
The California Attorney General’s final regulations will soon be approved by the California Office of Administrative Law. The enforcement deadline is scheduled for July 1, 2020. Any privacy policies that show they were updated after July 1, 2020 will risk admitting that they were not in compliance with CCPA prior to the enforcement deadline.
If your company is subject to the CCPA requirements or has committed in contracts to be compliant with applicable data privacy laws then your privacy policy needs to be updated, you will need to have a consumer privacy toll free number and one other method for California consumer to contact your company to enforce their rights under the CCPA.
CCPA enforcement will not be delayed due to COVID-19. Despite letters by two business trade associations requesting a delay to the Attorney General’s Office’s enforcement of CCPA, the AG’s office indicated on June 2, 2020 that “Businesses have had since January 1 to comply with the law, and we are committed to enforcing it starting July 1.”
It is important for companies to understand the necessary steps to comply with CCPA in order to avoid fines and private rights of action that consumers may enforce pursuant to the broad reach of the CCPA. Upon notice of non-compliance, companies will have 30 days after notice of non-compliance. Civil penalties of up to $7500 “for each intentional violation” may apply if companies are not compliant.
CCPA requires that companies: (1) update their privacy policy; (2) revise their website homepage; (3) increase their data mapping efforts and form a compliance team (4) create a mechanism for intake of consumer requests including a toll-free number and one other method of contact; (5) train your personnel if necessary; (6) update your document retention policies; and (7) provide notice to employees, job applicants, contractors, officers and directors.
Please contact us if you have a need to get into compliance. We can help your company check the box on each of these obligations in compliance with CCPA and keep you compliant under the new law and any changes.
As you may have heard, there is a proposed ballot measure called the California Privacy Rights Act which, if approved, will provide further ‘teeth’ to the CCPA by ramping up enforcement and compliance requirements.
Please contact Bear Flag Services for further info and a free consultation by contacting [email protected] or visiting our California website www.californiadataprivacyact.com. Please set up a consultation at: https://flagprivacy.com/15minconsultation39024313.
Dean Short & Bear Flag Services LLC
Dean Short is a Montage Freelance Attorney and the founder of Bear Flag Services, LLC, a data privacy focused third party service provider that assists with CCPA and other data privacy law compliance. Mr. Short previously worked at Dykema and Tucker Ellis in Los Angeles before working in-house with Toshiba in Irvine, CA then starting his own legal practice based in Newport Beach. Mr. Short is proudly a University of San Diego School of Law alumni.