- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
February 26, 2021
USDC Northern District of California
Price, et al.
Putative class action against a cloud service provider. Defendant is alleged to have failed to properly secure and safeguard PII (including names, social security numbers, driver's license or state identification numbers, dates of birth, bank account numbers, and medical information) stored or shared on its file transfer service on the cloud. Data breach(es) is/are alleged to have occurred during December 2020 and January 2021. Defendant is further alleged to have failed to adequately warn customers of its inadequate security. Plaintiffs bring various claims for violation of CA's Unfair Competition Law §§ 17200 et seq. (including violation of the Confidentiality of Medical Information Act ("CMIA") (CA Civ. Code § 56, et seq.), violation of the Customer Records Act ("CRA") (CA Civ. Code §§ 1798.80, et seq.), violation of the CCPA (CA Civ. Code §§ 1798.100, et seq.), Section 5 of the Federal Trade Commission Act, and other state data security laws), and negligence.