- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
January 25, 2021
3:21-cv-01089-LAB-MSB (originally 3:21-cv-00572)
USDC Southern District of California
McClure, et al.
Putative class action against a bank. Defendant is alleged to have failed to securely store and transfer personal cardholder information associated with Employment Development Department ("EDD") debit accounts (including names or initials, account numbers, and any security codes, access codes, or passwords for financial accounts) resulting in unauthorized access to those accounts and theft. Complaint alleges a violation of the CCPA § 1798.100 et seq.: failure to implement and maintain reasonable security measures (including issuing EDD debit cards without EMV debit chip technology) sufficient to securely store and transfer cardholders' personal information. Plaintiffs also bring various claims for violations of the Electronic Funds Transfer Act (15 U.S.C. § 1693 et seq.), violations of CA Unfair Competition Law (Cal. Bus. & Prof. Code § 17200, et seq.), negligence, negligent performance of contract, negligent failure to warn, breach of contract, breach of contract (third-party beneficiaries), breach of implied contract, and breach of the implied covenant of good faith and fair dealing. Transferred from USDC Northern District of California to USDC Southern District of California.