- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
March 16, 2021
Superior Court of Sacramento
Rodriguez, et al.
Putative class action against a bank. Defendant is alleged to have failed to adequately safeguard its customers' PII (including names, addresses, dates of birth, Social Security numbers, and financial account information) which allowed the unauthorized transfer of the PII by an employee to a third party. The alleged data breach was discovered by the bank on September 29, 2020 and affected customers were notified on November 19, 2020. Complaint alleges a violation of the CCPA § 1798.100 et seq.: failure to maintain reasonable security procedures sufficient to protect the customers' PII. Plaintiffs also bring various claims for negligence, negligence per se, bailment, breach of implied contract, violation of CA's Unfair Competition Law (Bus. & Prof. Code § 17200, et seq.), and violation of CA's Customer Records Act (Cal. Civ. Code §§ 1798.80, et seq.).