The California Consumer Privacy Act (CCPA) is the toughest privacy-protection law in the country for businesses that collect personally identifiable information from consumers. Most of the law’s provision apply to companies that meet one of three criteria (see below regarding provisions that apply to all companies):
If your company meets any one of these criteria, CCPA compliance is mandatory. Among other things, the company must:
The CCPA includes two provisions that apply to ALL COMPANIES, regarding specific protections extended to employees and job applicants. The company must inform employees and job applicants what personal information is being collected about them and how it will be used. And, if an employee's personal information is stolen, the employee may sue the company and recover statutory damages. This provision presents significant risks of liability in the class action context.
The California Attorney General has begun commencing enforcement actions against private companies, and we expect this trend to accelerate. Contact us for more information to ensure that you don't get sideways with the CCPA.
For questions regarding the CCPA or to address other employment law issues, contact the employment attorneys at LightGabler.