Close Menu

Investigative Sweep Seeks to Enforce California Consumer Privacy Act

Investigative Sweep Seeks to Enforce California Consumer Privacy Act

Privacy is a top concern in today’s world. As quickly as security protocols are developed, hackers are looking for ways to bypass those protocols and access sensitive data. In many cases, hackers don’t have to worry about advanced security procedures; companies blatantly ignore security requirements and leave consumers’ data up for grabs. This is the focus of the California Privacy Rights Act, which went into effect in 2023 and overhauled the California Consumer Privacy Act. At the Law Offices of Robin D. Perry, we’ve seen how this act has changed how businesses protect their consumers’ and employees’ data. The most recent surprise sweep targeted employers.

This sweep came as a surprise to many employers across California. The exemption that excluded data collected during recruitment and employment expired in January 2023, so a surprise sweep in July 2023 is a clear sign that the California Privacy Protection Agency is making enforcement of the CPRA a high priority.

If you believe that your private information has been misused or incorrectly stored, we can help. Call the consumer rights attorneys at the Law Offices of Robin D. Perry & Associates at 562-216-2944.

July 2023 Sweep Focused on Employers’ Protection of Employees’ and Applicants’ Data

The crackdown announced in July 2023 is under the jurisdiction of the California Attorney General’s office. The primary focus of this sweep is how employers handle employees’ and job applicants’ personal information. The purpose should be obvious—potential and current employees share a wide range of personal information with employers, both during the application process and during employment. Even one rogue party gaining access to that information could lead to stolen identities and other dangerous outcomes.

With this sweep, the Attorney General hopes to verify that employers are in compliance with the requirements as laid out by the CCPA. This includes the data that employers collect, how they process it, and how they protect it from unauthorized access. While reaching out to employers, the AG looked for information on which types of data were collected, how employers have chosen to store and protect this information, how employers are currently using this information, and if employees and applicants are informed of their rights under California law.

How the Sweep is Conducted

This investigative sweep gives the AG an in-depth look at how employers handle sensitive data. The Attorney General’s office sends inquiry letters to employers requesting information on their CCPA compliance measures. While businesses of any size can be targeted, as long as they meet the requirements of the CCPA, this initial investigative sweep seems to target large California employers. The Attorney General’s office may also conduct on-site audits if they are deemed necessary; these audits are useful in assessing the actual security of applicant and employee data.

If issues are detected, the AG may opt to go further with their probe. They may speak with employees and job applicants to get further information on what data was requested of them when they applied for the job or while working for the company.

Potential Outcomes

Outcomes of an investigative sweep vary, and as this is the first real sweep since the January 2023 enactment of the CPRA, time will tell how the Attorney General decides to proceed with the information they gather. Compliant companies may receive notifications of compliance, essentially letting them off the hook for the rest of the sweep. If they find employers are non-compliant with the CCPA, they may send warnings alerting them to address issues before they are fined. However, the Attorney General could also move immediately to fine non-compliant companies without giving them a chance to take corrective action.

If companies are guilty of serious or repeat violations of the CCPA, the Attorney General may pursue legal action against them.

Your Options If Your Data Has Been Leaked

Employees and job applicants have a lot to lose if their data is not properly protected. You may have a case against an employer if their handling of your data caused you harm. At this point, it’s important to talk to an attorney to find out if you have a case.

Talk to the Consumer Rights Lawyers at the Law Offices of Robin D. Perry & Associates About Your Legal Options

If your data has been mishandled or misused, don’t wait any longer to explore your legal options. The consumer rights lawyers at the Law Office of Robin D. Perry & Associates is here to help you. Call us at 562-216-2944 or reach out online to set up a consultation.

Facebook Twitter LinkedIn
Contact Our Trusted
Legal Team Today!
Let's Discuss Your Case
protected by reCAPTCHA Privacy - Terms