July 30, 2021

Privacy: CA AG Enlists Residents to Provide Non-Compliance Notices

If your company is subject to the CCPA, your compliance efforts are probably about to get more complicated. Here’s the intro from this Hogan Lovells memo:

On July 19, California’s recently appointed Attorney General, Rob Bonta, announced the launch of an interactive tool to aid consumers with drafting notices of non-compliance for businesses who fail to publish the “Do Not Sell My Personal Information” link (DNS link) required by the California Consumer Privacy Act (CCPA).

According to the AG, the consumer notice “may trigger” the 30-day cure period businesses enjoy before becoming subject to enforcement actions for non-compliance. Questions remain about use of resident-led notices of non-compliance, including whether this novel approach satisfies CCPA notice requirements or whether it may foster spamming and other abuses.

Liz Dunshee