Jun 13, 2019
FTC Cracking Down on Lax Data Security
On June 12, 2019, the Federal Trade Commission (FTC) settled with LightYear Dealer Technologies, LLC (LightYear) over a major data breach that occurred in October of 2016 [...]
Earlier this month, several California Consumer Privacy Act (CCPA) amendment bills took the first step towards becoming law by receiving passing votes from their designated committees. On May 16th, the Senate Appropriations Committee placed one of the more significant bills—the Attorney General backed SB 561—in its suspense file.
If passed, SB 561 would have: (1) expanded the CCPA’s private right of action to cover all violations (not just data breaches of unencrypted personal information); (2) eliminated the 30-day opportunity for businesses to cure a violation before being sued; and (3) removed the provision that allows businesses or third parties to seek the opinion of the AG’s office on ambiguities in the CCPA’s requirements.
The bill was previously approved by the Senate Judiciary Committee by a 6-2 vote; however, the 6-0 vote by the Appropriations Committee to place SB 561 in its suspense file effectively blocks it from becoming law in 2019. This is good news for businesses that were justifiably worried about the potential abuse of an expanded private right of action, similar to what we’ve seen recently under the Telephone Consumer Protection Act (TCPA).