The California Consumer Privacy Act includes a door to a private right of action, and plaintiffs are eager to jiggle the latch. After all, potential awards for statutory damages lay just beyond. But ostensibly easy access to a handsome payout appears to be bolted with a “combination lock” of sorts, requiring calculated pleading and legal clarification.
The first round of CCPA class actions reveal that plaintiffs have yet to pick the lock, but that won’t stop them from testing theories and challenging assumptions.
As written, the CCPA limits consumers’ actions to security breaches attributable to a business’s “violation of the ...