Tag Archives: California

California Attorney General Settles First-Ever CCPA Enforcement Action

On August 24, 2022, the California Attorney General (AG) announced the entry of a final judgment to resolve claims that makeup retailer Sephora violated the California Consumer Privacy Act (CCPA). Notably, this is the California AG’s first enforcement action resulting in a fine and settlement under the CCPA. The California AG alleged that Sephora violated the CCPA by failing … Continue Reading

Data Brokers Must Register with California Attorney General by January 31

Given Broad Definitions, the Law Could Apply to Businesses That Do Not Consider Themselves Data Brokers While amending the California Consumer Privacy Act of 2018 (CCPA) last term, the California legislature also passed a CCPA-related privacy bill that applies to “data brokers.” Assembly Bill 1202 (AB 1202) requires businesses that qualify as data brokers to register, pay … Continue Reading

WSGR Event Recap: Online Advertising and Privacy—An Overview of Global Legal Developments

On May 22, 2019, WSGR and the Future of Privacy Forum (FPF) co-hosted an event focusing on advertising technology and how to overcome the challenges of complying with evolving global privacy requirements. Jules Polonetsky from FPF opened the program, focusing on the evolution of online advertising, from contextual to programmatic behavioral advertising. WSGR attorneys Lydia … Continue Reading

WSGR Event Recap: Key State and Federal Legislative Privacy Developments

On May 1, 2019, WSGR held a panel discussing state and federal legislative privacy developments, including the California Consumer Privacy Act (CCPA). The panel, moderated by Chris Olsen, featured Ashkan Soltani, former chief technologist at the Federal Trade Commission (FTC), and Shaundra Watson, the senior director for policy at BSA (The Software Alliance). Here are … Continue Reading

California Consumer Privacy Act: Industry, Advocate, and Enforcement Concerns and Legislative Amendments

On September 23, 2018, Governor Jerry Brown signed into law SB-1121, a bill that makes several amendments to the California Consumer Privacy Act (CCPA or the Act). The controversial privacy law, which is set to take effect in 2020, recently sparked a war of words among industry, privacy advocates, and the California Attorney General, each … Continue Reading

California Enacts Sweeping Privacy Law to Avert Potential Ballot Measure

In a surprising twist, the California legislature rushed last week to pass one of the most comprehensive privacy laws in the country. The bill was introduced only a week prior, and within hours of passage, it was signed into law by Governor Jerry Brown. As strict as the act is, it was enacted to avoid … Continue Reading

Monitoring and Recording Consumers’ Calls in California Can Be a Risky Practice

Many businesses monitor or record customer service, telemarketing, and other telephone calls with consumers to help them improve customer service and for evidentiary reasons. Under federal and many state laws, calls may lawfully be monitored or recorded by businesses as long as those businesses have permission from their employees who participate on the calls. However, … Continue Reading

California Attorney General Includes Chief Privacy Officer Requirement in Data Privacy Settlement

California Attorney General Kamala Harris recently announced a settlement with Houzz Inc., a home design website, over allegations that the company failed to notify individuals that it was recording their phone calls with the company.1 While the settlement included the payment of $175,000 in penalties and fees, it also included the surprising requirement that Houzz … Continue Reading

Comcast Enters into Largest Privacy Settlement on Record with California Attorney General

On September 17, 2015, California Attorney General Kamala Harris announced a $33 million settlement with Comcast Corp. to resolve an investigation into Comcast’s publishing of phone numbers that consumers had paid the company not to publish.1 Notably, the settlement is the largest privacy settlement on record to date, surpassing the recent $25 million settlement the … Continue Reading

California Amends Data Breach Notification Law and State Attorney General’s Data Breach Report May Lead to More Changes

Prompted by data breaches affecting large retailers in the United States, the California legislature recently passed Assembly Bill 1710 (A.B. 1710) to update the state’s breach notification law to require breached entities to provide free credit monitoring services to affected individuals following certain types of data breaches. This change, effective January 1, 2015, was recommended … Continue Reading

California Enacts Landmark Student Privacy Laws

In keeping with its position as the nation’s leader on privacy issues, the state of California recently enacted significant new laws on student privacy and education data. The Student Online Personal Information Protection Act (SOPIPA) sets forth a variety of restrictions on how operators of online services offered in schools can use and disclose student … Continue Reading

Proposed California Law Would Impose Data Breach Liability on Retailers and Create More Stringent Data Security Requirements for Businesses

A proposed California law, the Consumer Data Breach Protection Act (A.B. 1710),1 has the potential to upend the calculus of determining liability after retail data breaches, create additional data security requirements for retailers and other consumer-facing businesses operating in California, and establish new standards for data breach reporting for breaches affecting California residents. The bill, … Continue Reading

Kaiser Foundation Health Plan Settles California Attorney General Charges over Delayed Data Breach Notification

Kaiser Foundation Health Plan, Inc. (Kaiser) recently agreed to settle charges brought by California Attorney General Kamala Harris alleging that Kaiser, a component of Kaiser Permanente, the largest health maintenance organization in the U.S., violated California’s unfair competition law by taking too long to notify more than 20,000 current and former employees that their personal … Continue Reading

California Extends Security Breach Notification Requirements to Online Account Credentials

California, which enacted the pioneering security breach notification law in 2002, again has taken the lead in security breach notification legislation. In an effort to protect consumers against unauthorized access to their online accounts, California has extended its security breach notification law to cover individuals’ online account credentials (i.e., a user name or email address, … Continue Reading
LexBlog