July 27, 2021
Partner Alysa Hutnik
, chair of the Privacy and Information Security
practice, was quoted in a recent Digiday
article pertaining to the California Consumer Privacy Act (CCPA), and how the California Attorney General is prioritizing enforcement on website cookies and trackers.
Enforcement letters have been flooding the inboxes of social media sites, advertisers, data brokers, and ad tech firms since it was formed in January of 2020. When violations regarding cookies and trackers are found to be unintentional, each one could result in a $2,500 fine. Intentional violations will result in a $7,500 fine.
The threat of counting each time a cookie is used as its own separate violation is probably more of a tactical means of incentivizing compliance than an actual plan for calculating penalties, said Hutnik. It is “unlikely” that penalties would be assessed that way. However, she said California’s Department of Justice has “a fair amount of flexibility” in how it might tabulate penalties; for instance, it could base them on the number of days a company is non-compliant, or according to an amount of data records affected.
Read the full article here