CCPA: Proposed Amendments May Lead to Increased Headache for Businesses

For instance, Assemblymember Buffy Wicks is sponsoring AB 1790, a measure that would allow consumers to sue companies that violate the law and would require companies to reveal the information they collect, how they use it and to whom they sell it.  The measure would also require companies to obtain opt-in consent from consumers before sharing or selling the consumers’ data.

Sen. Hannah-Beth Jackson and state attorney general Xavier Becerra introduced SB 561, which would remove a provision of the law that allows companies to avoid litigation if they fail to notify consumers of data breaches within 30 days, and Republication law makers introduced AB 1035, AB 1138, and AB 288 that would respectively require companies to provide notice of data breaches within 72 hours; obtain parental consent before allowing children under the age of 16 to obtain social media accounts; and permanently scrub personal information from social media databases if requested by users who close their accounts.

In what might be the most significant potential change to the CCPA, Gov. Gavin Newsom indicated in his State of the State address in February that he would be introducing a proposal that would require companies to pay consumers for the use of their data.

But data privacy experts question whether this requirement would actually compromise consumers’ rights to their data because consumers would have no choice but to allow companies to use their information.  Moreover, it is unclear how lawmakers would determine the value of the data and how consumers would be compensated.  For instance, would companies provide direct payments or discounts to consumers, or should the government impose a tax on companies’ use of the data and develop a way of returning those dollars to consumers?

With at least 25 states considering consumer data privacy legislation this year, how California lawmakers resolve the issues presented by each proposed amendment to the CCPA will certainly impact lawmakers nationwide.

As the CCPA and other data privacy legislation is adopted and amended, the Benesch  Data Security and Privacy team is committed to staying at the forefront of knowledge and experience to assist our clients in complying with legal obligations.  We are available to assist you with any compliance efforts.  You may reach Michael Stovsky at 216-363-4626 or mstovsky@beneschlaw.com and Alison Evans at 216-363-4168 or aevans@beneschlaw.com.