Is Your Company In Compliance With The California Consumer Privacy Act?
Posted October 19, 2021

The California Consumer Privacy Act (CCPA) is the toughest privacy-protection law in the country for businesses that collect personally identifiable information from consumers. Most of the law’s provision apply to companies that meet one of three criteria (see below regarding provisions that apply to all companies):

  • Receive $25 million in annual revenue
  • Maintain information on more than 50,000 individuals, households, or devices
  • Derive 50 percent or more of its annual revenue from selling personal information

If your company meets any one of these criteria, CCPA compliance is mandatory. Among other things, the company must:

  • Describe in detail how the personally identifiable information is collected and used
  • Advise consumers how they can request to view the information the company has collected
  • Advise consumers how and under what circumstances they can request that their information be corrected or deleted
  • Provide a notice of the consumers' rights under the CCPA

The CCPA includes two provisions that apply to ALL COMPANIES, regarding specific protections extended to employees and job applicants. The company must inform employees and job applicants what personal information is being collected about them and how it will be used. And, if an employee's personal information is stolen, the employee may sue the company and recover statutory damages. This provision presents significant risks of liability in the class action context.

The California Attorney General has begun commencing enforcement actions against private companies, and we expect this trend to accelerate. Contact us for more information to ensure that you don't get sideways with the CCPA.

For questions regarding the CCPA or to address other employment law issues, contact the employment attorneys at LightGabler.

Copyright © LightGabler LLPContact | Our People | Website by Dan Gilroy Design