by Jeremy Feigelson, David Sarratt, Jim Pastore, Johanna N. Skrzypczyk, H. Jacqueline Brehmer, and Christopher S. Ford
On July 19, 2021, California Attorney General Rob Bonta announced his first-year enforcement update on the California Consumer Privacy Act (CCPA), and unveiled a tool to help the Attorney General’s office (CAAG)—the primary enforcer of the CCPA until the California Privacy Protection Agency takes over—identify CCPA violations.
Over a year ago, on July 1, 2020, the first day of enforcement, the CAAG sent a number of statutorily-required violation notices to companies, making clear that the CAAG planned to aggressively enforce the statute. Last week’s update is a clear continuation of this trend, with the CAAG introducing a new tool that California residents can use to easily report violations to the Attorney General’s office. The CAAG also put the market on notice by providing enforcement statistics and examples of potential enforcement actions. Both the tool and examples provide much-needed guidance on the CAAG’s enforcement priorities for the CCPA.