- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
January 26, 2021
3:21-cv-01088-LAB (originally 3:21-cv-00615)
USDC Southern District of California
Oosthuizen and Mathews, et al.
Putative class action against a bank. Defendant is alleged to have failed to protect Plaintiffs' and class members Employment Development Department ("EDD") debit accounts and associated personal information (including but not limited to names and initials, account numbers, and any security codes, access codes, or passwords for financial accounts) from fraudulent access and theft by unauthorized parties. Complaint alleges a violation of the CCPA §§ 1798.100 et seq.: failure to implement and maintain reasonable security measures (including issuing EDD debit cards without EMV debit chip technology) sufficient to securely store and transfer cardholders' sensitive personal information. Plaintiffs also bring various claims for violations of CA's Customer Records Act (Cal. Civ. Code §§ 1798.80, et seq.), violations of CA's Unfair Competition Law (Cal. Bus. & Prof. Code § 17200, et seq.), negligence and negligence per se, breach of fiduciary duty, breach of contract, breach of implied contract, breach of the implied covenant of good faith and fair dealing, breach of contract (third-party beneficiaries). Transferred from USDC Northern District of California to USDC Southern District of California.