The California Office of the Attorney General has published a list of recent CCPA enforcement examples on its website. Each example summarizes the AG’s allegation of noncompliance and the steps that the companies took to cure the alleged noncompliance.
Under CCPA, companies have 30 days to cure noncompliance after which the California AG may initiate a civil action for civil penalties not to exceed $2,500 for each violation or $7,500 for each intentional violation. In each example made public by the California AG, the AG stated that the target of the enforcement action cured the violation and the California AG did not assess penalties. In January 2023, however, the right to cure will sunset when the CPRA takes effect.