COVID-19 and The California Consumer Privacy Act (CCPA)

Snell & Wilmer

Snell & Wilmer

California Attorney General's Office Will Not Delay Enforcement Amidst Pandemic Concerns

The California Attorney General’s (AG) office has recently signaled that it will not delay enforcing the California Consumer Privacy Act (CCPA), the state’s recently enacted data privacy regulations, amidst growing concerns about COVID-19 and the spread and impact of the pandemic. As of today, the CCPA’s enforcement will begin when the rules are finalized, or at the very latest by July 1, 2020. On March 17, a coalition of 35 businesses in the advertising sector sent a letter to AG Xavier Becerra with a request that the CCPA’s enforcement be delayed. The coalition explained that a temporary deferral of enforcement would help alleviate the pressure and stress that organizations are currently facing due to COVID-19. On March 20, the coalition sent a revised letter to AG Becerra, as its numbers had increased to include 60 businesses.

The AG’s office acknowledged concerns presented in the letter, but ultimately declined to delay the CCPA’s enforcement. Specifically, an advisor to AG Becerra said that their office is “committed to enforcing the law upon finalizing the rules or July 1, whichever comes first.” The advisor further explained that the AG’s office is “mindful of the new reality created by COVID-19 and the heightened value of protecting consumers' privacy online that comes with it [and] encourages businesses to be particularly mindful of data security in this time of emergency.”

As businesses increasingly move to remote work setups and virtual collaboration due to COVID-19 and social distancing practices, evaluating and implementing data privacy measures may become that much more important. The California AG’s position on enforcement signals the importance of establishing those telework relationships responsibly, and ensuring that data protection hygiene is improved during the COVID-19 crisis rather than relegated to a lower priority. In light of increasing cyberattacks during the pandemic, social engineering and fraud and the added cybersecurity risks that flow from more people working remotely, protecting personal information and other sensitive data may be an investment against multiple hazards. The California AG has clarified that the risks of investigation and fines under the CCPA are among them.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Snell & Wilmer | Attorney Advertising

Written by:

Snell & Wilmer

Snell & Wilmer on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.