- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
March 25, 2021
USDC Central District of California
Blain, et al.
Putative class action against a company that provides address verification services and payment processing. Defendant is alleged to have failed to protect plaintiffs' PII (names, addresses, license plate numbers, and vehicle identification numbers) from unauthorized disclosure and theft in a ransomware attack. The alleged data breach occurred on or about February 3 and 4, 2021. Complaint alleges a violation of the CCPA § 1798.100, et seq.: failure to implement and maintain reasonable security procedures sufficient to protect plaintiffs' PII. Plaintiffs also bring various claims for violation of the Driver's Privacy Protection Act (18 U.S.C. §§ 2721, et seq.), invasion of privacy (CA Constitution, Art. 1, § 1), and negligence.