Walmart: Always Low Prices, but Perhaps Not Always CCPA Compliant
Shortly after the California Consumer Privacy Act (“CCPA”) began enforcement on July 1, a California resident filed a class-action lawsuit that Walmart was hacked and the personal information, including his and other credit card data provided to the company is being sold on the dark web. He and other plaintiffs in the case claim they have been forced to purchase credit and personal identity monitoring services to protect against further identity theft. Walmart claims that it was not hacked and that it is not the source of the data on the dark web.
The CCPA provides for a penalty of up to $750 per consumer, per incident in the event of a data breach. This makes the CCPA unique, as California is the only state that allows consumers to file such lawsuits against companies (in other states and countries consumers do not have a “private right of action”, governmental regulatory agencies have the exclusive jurisdiction to pursue action against companies when an alleged data breach occurs).
As we’ve reported before, several other companies have been sued for alleged violations of the CCPA, such as Minted and Plaid. However, Walmart is the most high-profile CCPA lawsuit to date, and will likely raise consumer awareness on the topic of data privacy rights. Given that Walmart is the world’s largest retailer, the potential penalties it faces in this case could be catastrophic.
Given some of the ambiguities in the law, these lawsuits will start to establish the case law effecting CCPA enforcement. Those businesses taking a wait-and-see approach are exposing themselves to financial risk due to the significant financial penalties for noncompliance.
Key Takeaway
Consumers can and are using the newly enforceable CCPA to sue companies that have allegedly mishandled their data. Walmart is the latest company to be slapped with a lawsuit, and we’ll surely see more in the future. Clym can help! We offer a cost-effective, scalable, easy-to-implement platform that can help get your website compliant with CCPA, GDPR, and other data privacy laws from a global perspective.
How can Clym help with CCPA compliance?
Clym believes in striking a balance between digital compliance and your business needs, which is why we offer businesses the following:
- All-in-one platform: One interface combining Privacy and Accessibility compliance with global regulations, at an affordable price;
- Seamless integration into your website;
- Adaptability to your users’ location and applicable regulation;
- Customizable branding;
- ReadyCompliance: Covering 30+ data privacy regulations;
- Six preconfigured accessibility profiles, as well as 25+ display adjustments that allow visitors to customise their individual experience.
You can convince yourself and see Clym in action by booking a demo or reaching out to us to discuss your specific needs today.