Skip to content

Our privacy and technology experts understand the CCPA and the operational impact this first-of-its-kind privacy regulation has on your business. We will work with you to determine applicability and implement controls that get you in compliance while also ensuring you can continue operating as close to business-as-usual as possible.

Our engagements often include a combination of the following services:

Let's get you started with CCPA Compliance

Background

Taking the US privacy scene by storm in 2019, the California Consumer Privacy Act (CCPA) is the first comprehensive privacy regulation in the US.

The CCPA requires companies to provide disclosures to California consumers surrounding what personal information is collected, the purpose for collection, and selling and sharing practices. Further, the law provides rights to consumers including the ability to opt-out of the selling of their personal data, as well as:

  • The right to know what personal information is collected;
  • The right to know whether their personal information is sold or disclosed and to whom;
  • The right to opt-out of the sale of their personal information;
  • The right to access their personal information;
  • The right to request the deletion of their personal information; and
  • The right to equal service and price, regardless if they exercise their privacy rights.

Furthermore, while not an explicit requirement under the CCPA, California consumers can sue a business if a personal information breach occurs and the business has not implemented appropriate technical and security controls.

Potential Risks

Fines + Enforcement

The California Attorney General has been vocal about enforcing the CCPA, and has the ability to levy stiff fines against businesses who violate the regulation. Penalties range from $2,500 to $7,500 per willful violation, and these can compound if an organization is unaware of a violation or is negligent in complying.

Private Right of Action

Plaintiffs can also seek between $100 and $750 per incident if a breach occurs. While limited to the breach provision under the CCPA, plaintiffs are testing the other aspects of the CCPA and whether the courts will award damages for other provisions under the CCPA.

Public Reputation + Consumer Trust

Consumer awareness surrounding how businesses are processing and handling their personal information is at an all-time high. Consumers are more likely to do business with companies they trust to protect their personal information and where processing activities are aligned with consumer expectations. The CCPA places the onus on businesses to comply and creates avenues for consumers and regulators to ensure that penalties ensue if businesses are not following the rules.

Records Audited

10 Billion+

Records Audited

Expert Witness 2

150+

Cases as an
Expert Witness

Companies Assessed 2

2,500+

Companies Assessed