- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
January 28, 2021
3:21-cv-01087-LAB (originally 3:21-cv-00699-SK)
USDC Southern District of California
Wilson, et al.
Putative class action against a bank. Defendant is alleged to have failed to securely store and transfer cardholder PII, including issuing cards without EMV chip technology, resulting in unauthorized access, disclosure, and theft of PII and property. Complaint alleges a violation of the CCPA § 1798.150(a): Failure to implement and maintain reasonable security procedures sufficient to protect PII. Plaintiffs also bring various claims for violations of CA's Unfair Competition Law, violations of Elecronic Funds Transfer Act (15 U.S.C. § 1693 et seq.), negligence, negligent performance of contract, negligent failure to warn, breach of contract, breach of implied contract, breach of the implied covenant of good faith and fair dealing, and breach of contract (third-party beneficiaries.) Transferred from USDC Northern District of California to USDC Southern District of California.