Data Breach Notification Laws

With less than one month to go before the California Consumer Privacy Act of 2018’s (“CCPA”) effective date of January 1, 2020, businesses should be aware of the potential litigation that awaits them.

The CCPA is a California privacy law that gives California consumers the rights to know about and control the personal information that businesses collect about them.  In turn, the CCPA requires businesses to give consumers the ability to effectuate these rights.  For a more in-depth review of the CCPA, please view our previous posts on our Privacy Law Blog

In 2017, there are few words that make companies – and their counsel – shudder more than “data breach.” Recent high-profile breaches and the resulting litigation have shown that breaches can be embarrassing, harmful to a company’s brand, and extremely expensive to handle – both in terms of response costs and, potentially, damages paid to the affected individuals, third parties, and regulators. As headline-grabbing security incidents increasingly become a fact of life, litigators need to develop familiarity with the issues associated with data breaches so they can be prepared to walk their clients through the aftermath. This is the first in a series of blog posts about what commercial litigators need to know about data breaches.