Why it Matters:
- The California Attorney General’s Office recently made common types of consumer loyalty programs a target of enforcement.
- Compliance requirements include estimating the value of personal information collected through such programs and explaining that estimate to the consumer.
- This is an unusual and controversial requirement, and the consequences of noncompliance are about to become even more serious. Right now, the letters from the attorney general give those who are not incompliance with the CCPA a total of 30 days to fix their violations. However, when the California Privacy Rights Act amends the CCPA effective January 1, 2023, there will no longer be a mandatory
30-day period to fix violations, meaning that the attorney general can take enforcement action promptly if a violation is discovered.