Privacy & Cybersecurity
U.S. Privacy and Data Protection | Insights |
U.S. Privacy and Data Protection | Insights | June 2024 (State Law) Data breaches are on the rise, no matter the size or reputation of your business. If you are...
Read ArticleJuly 26, 2024
Associate
Information obtained from the July 2024 California Privacy Protection Agency (CPPA) board meeting puts a spotlight onto the growing enforcement activity in the California privacy space. Here's a focused look at the active investigations and how companies can prepare:
Active Investigations and Growing Enforcement
Michael Macko, Deputy Director of the CPPA's Enforcement Division, revealed that the agency is currently engaged in “double digit” investigations. This indicates a significant increase in enforcement activity compared to the three public enforcement actions brought by the California Attorney General's Office to date. The 2,176 consumer complaints filed within the last twelve months with CPPA provides one explanation, in addition to a likely growing enforcement appetite as the CPPA builds out and matures its investigative and enforcement mechanisms.
These investigations can be time-consuming and costly for parties that are ill-prepared to deal with them. They can take many months, are often intrusive, and can even sometimes lead to litigation.
How to be Prepared for a CPPA Investigation
The best way to prepare for a CPPA investigation is to develop and implement robust compliance controls, policies, and procedures. CPPA has highlighted areas of focus and priorities in their growing enforcement strategy:
How to Get Ahead of Enforcement
Monitor Enforcement Advisories: Stay informed about CPPA enforcement advisories and act on them promptly. These advisories highlight issues observed by the Enforcement Division and serve as putting the regulated businesses on notice for potential compliance issues. When you see an advisory, it is an opportunity for self-critical assessment. Ignoring or not acting on enforcement advisories may be used against you to prove intent and state of mind, which are considerations for enhanced administrative fines and penalties.
Be Cooperative: If contacted by the CPPA, respond in a timely manner and demonstrate good faith efforts to comply. This approach can facilitate a more cooperative relationship with regulators and potentially lead to reduced penalties, should your investigation go sideways. Most investigations start with evidence gathering, where a business may receive a call or an inquiry to provide basic information about a consumer complaint and resolution. More formally, CPPA may send a business a subpoena or other legal process for information. Protecting your interests with good legal consultation is crucial.
By focusing on CPPA priorities, your business can better position itself to withstand potential CPPA investigations, as well as demonstrate your commitment to compliance with California privacy laws.
Kronenberger Rosenfeld remains committed to helping clients navigate these complex regulatory waters to build robust privacy programs, and to prepare and handle enforcement issues along the way. If you need assistance for your business, contact our firm using our online case submission form here.
This entry was posted on Friday, July 26, 2024 and is filed under Privacy and Data Protection Updates, Internet Law News.
Privacy & Cybersecurity
U.S. Privacy and Data Protection | Insights | June 2024 (State Law) Data breaches are on the rise, no matter the size or reputation of your business. If you are...
Read ArticlePrivacy & Cybersecurity
Federal and state regulators are continuing to review business data collection and use practices, which is a signal to companies using large amounts of data to review their practices. In...
Read ArticlePrivacy & Cybersecurity
The United States continues to see an expansion of privacy and data protection laws being passed, and it remains important to be aware of each state’s updates. Recent Updates: Earlier...
Read ArticlePrivacy & Cybersecurity
Data minimization is a fundamental principle and growing trend in various data privacy laws, including the California Consumer Privacy Act (CCPA). But what is this concept of “data minimization” and...
Read ArticleGet legal help now
Submit your case in 3 minutes and get legal help fast.
Give us a call