On Friday, January 28, the world celebrated its 16th Data Protection/Privacy Day. As the privacy community capped off a week of programming and gazed into the future of potential data privacy enforcement [1], the celebrations were quickly overshadowed by California Attorney General Rob Bonta, who announced that his office was targeting businesses operating loyalty programs for potential enforcement actions. According to Bonta, his office issued “notices to business[es] that operate loyalty programs and use personal information in violation of California’s data privacy law.” [2] Accordingly, it is expected that a plethora of businesses may soon receive notices of noncompliance. Once a business receives a notice of noncompliance, that business will have 30 days to cure or fix the alleged violation before an enforcement action is initiated. Enforcement actions may result in penalties of up to $7,500 per violation, which can quickly accrue to significant amounts.

Click here to read the full blog post.