California Consumer Privacy Act of 2018: consumer remedies.
The proposed changes under SB561 are significant as they remove the existing 30-day period required for businesses to remedy violations after being notified. By eliminating this cure period, the bill streamlines legal actions that consumers can take against businesses for privacy violations, potentially increasing the number of lawsuits filed. Furthermore, the bill empowers the Attorney General to provide resources and guidance to businesses for compliance, which may help in establishing clearer standards for protecting consumer data.
SB561, introduced by Senator Jackson, aims to amend the California Consumer Privacy Act of 2018 by enhancing consumer protections related to personal information. This bill extends the civil action rights of consumers whose personal data is subject to unauthorized access or failure by businesses to maintain reasonable security measures. Effective from January 1, 2020, it allows consumers to sue for damages in cases where their nonencrypted or nonredacted information has been compromised, broadening the scope of rights previously available under the act.
The bill has sparked debates regarding the balance between consumer protection and the burdens placed on businesses. Proponents argue that stronger enforcement mechanisms strengthen consumer rights and deter businesses from neglecting data security. Critics, on the other hand, raise concerns that such measures may lead to an overwhelming number of lawsuits against businesses, particularly small ones, thereby stifling innovation and economic growth. The conversations surrounding SB561 reflect ongoing tensions in the legislative process related to data privacy and consumer rights.