Law & Order PEPU: California’s new Privacy Enforcement and Protection Unit

Mintz - Privacy & Cybersecurity Viewpoints

Jake Romero]

In a move signaling increased enforcement of the state’s data privacy and security regulations, California’s Attorney General Kamala D. Harris has announced the creation of the Privacy Enforcement and Protection Unit.   The Privacy Unit will be staffed by California Department of Justice Employees, including six dedicated prosecutors, and will have broad authority to enforce federal and state laws relating to the collection, retention, disclosure and destruction of private and sensitive information, including medical, financial and government records, by individuals and public and private organizations.  Effective immediately, a number of California Justice Department programs related to identity theft enforcement and education will be absorbed by the Privacy Unit, in an effort to centralize and streamline California’s data privacy protection efforts.    For California consumers, the creation of the Privacy Unit will likely result in easier access to education materials for protecting personal data.  For businesses and organizations collecting, storing, transmitting or processing personally identifiable information, the Privacy Unit is one of many warning signs that California intends to take the enforcement of data privacy regulations seriously.

The creation of the Privacy Unit is the latest in a series of initiatives by the California Attorney General’s office intended to address growing concerns about data privacy.  In August 2011, Attorney General Harris announced the creation of the eCrime Unit, a division responsible for “investigating and prosecuting large scale identity theft and technology crimes with actual losses in excess of $50,000.  Earlier this year, the six largest companies offering platforms for mobile applications agreed to a set of principles, authored and developed by the Attorney General’s office, designed to ensure that mobile applications sold on such platforms comply with California’s Online Privacy Protection Act.  Last month, that set of mobile application privacy principles was expanded significantly when Facebook elected to sign on as well.

With the Privacy Unit in place, actions enforcing California’s data privacy regulations, which are among the strictest in the nation, are certain to increase.  “The Privacy Unit,” according to Attorney General Harris, “will police the privacy practices of individuals and organizations to hold accountable those who misuse technology to invade the privacy of others.”  Based on prior comments from Harris, such enforcement may include prosecutions under California’s Unfair Competition Law  and/or False Advertising Law, which imposes penalties of up to $500,000.   As a result, if you operate a business or organization using or accessing the personally identifiable information of others, time may be running out to ensure that you comply with California’s quickly evolving requirements.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Mintz - Privacy & Cybersecurity Viewpoints | Attorney Advertising

Written by:

Mintz - Privacy & Cybersecurity Viewpoints

Mintz - Privacy & Cybersecurity Viewpoints on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.