The California Consumer Privacy Act (CCPA) has been a key compliance focus for companies worldwide since its enactment in 2018. While efforts have largely focused on the act's privacy requirements (developing privacy policies and notices, establishing means for responding to consumer requests, etc.), perhaps the greatest potential threat the CCPA poses is its private right of action for data security breaches. Under the CCPA, consumers may be able to sue for statutory and other damages based on claims that their personal information was accessed by an unauthorized person and exfiltrated, stolen or disclosed as a result of a violation of a business' duty to implement and maintain reasonable security procedures and practices. In this webinar, we will explore the parameters of that right of action—allegations that have or may be brought and how to defend against them—as well as describe proactive measures businesses can take to protect personal information from unauthorized access through reasonable security procedures and practices.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.