Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has identified six areas of enforcement likely to catch the California Office of the Attorney General’s (OAG) attention, which arguably holds sole regulatory enforcement authority under the Act. This six-part series will focus on those areas of the law. Building on the experience of advising clients on the CCPA since its passage, our privacy compliance team will then discuss discrete strategies to minimize enforcement risk and bolster compliance efforts.

Below is the tentative schedule for this six-part series. This week’s alert focuses on failing to provide adequate notice at collection and can be found here.

  • Enforcement Area No. 1: The Infamous “Do-Not-Sell” Button
    Available: here
  • Enforcement Area No. 2: Treating the CCPA Like a Check-the-Box Exercise
    Available: here
  • Enforcement Area No. 3: Service Providers
    Available: here
  • Enforcement Area No. 4: Businesses Collecting Children’s Personal Information and Health Related Data
    Available: here
  • NEW: Enforcement Area No. 5: Failing to Provide Adequate Notice at Collection
    Available: here
  • Enforcement Area No. 6: OAG’s Reaction to CPRA Referendum
    Release Date: August 17, 2020
  • Complimentary Webinar: Strategies to Prepare for Six Potential Target Areas of CCPA Enforcement by the CA Attorney General
    August 19, 2020 2 p.m. EST
    Register here
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Ashley L. Taylor, Jr. Ashley L. Taylor, Jr.

Ashley is co-leader of the firm’s nationally ranked State Attorneys General practice, vice chair of the firm, and a partner in its Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He helps his clients navigate the complexities involved with multistate attorneys general investigations…

Ashley is co-leader of the firm’s nationally ranked State Attorneys General practice, vice chair of the firm, and a partner in its Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He helps his clients navigate the complexities involved with multistate attorneys general investigations and enforcement actions, federal agency actions, and accompanying litigation.

Photo of Ronald I. Raether, Jr. Ronald I. Raether, Jr.

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application to their business to solve their most important challenges — from implementation and strategy to litigation and incident response. Ron and his team have redefined the boundaries of typical law firm privacy and cyber services in offering a 360 degree approach to tackling information governance issues. Their holistic services include drafting and implementing bespoke privacy programs, program implementation, licensing, financing and M&A transactions, incident response, privacy and cyber litigation, regulatory investigations, and enforcement experience.

Photo of Sadia Mirza Sadia Mirza

Sadia leads the firm’s Incidents + Investigations team, advising clients on all aspects of data security and privacy issues. She is the first point of contact when a security incident or data breach is suspected, and plays a central role in her clients’

Sadia leads the firm’s Incidents + Investigations team, advising clients on all aspects of data security and privacy issues. She is the first point of contact when a security incident or data breach is suspected, and plays a central role in her clients’ cybersecurity strategies.