April 17, 2012 Articles

Shine-the-Light Law: California's Latest Class-Action Trend

Until now there has been little guidance in creating litigation-proof privacy policies.

By John W. McGuinness and Christina J. Weis – April 17, 2012

California’s courts have long been fertile ground for plaintiffs’ attorneys pursuing class actions under consumer-protection statutes such as the state’s Unfair Competition Law (UCL) and the Song-Beverly Credit Card Act. Continuing this trend, in the last several months more than a dozen putative class actions have been filed under the relatively obscure Shine-the-Light Law, California Civil Code § 1798.83. The Shine-the-Light Law, which provides for a civil penalty of up to $500 per violation, and up to $3,000 per willful, intentional, or reckless violation, as well as attorney fees and costs, allows individuals to learn about how businesses sell their personal information. Under the law, which was passed in 2003, companies that do business with California residents have to either allow customers to opt out of information sharing, or make a detailed disclosure of how personal information was shared for direct-marketing purposes. The absence of any case law under section 1798.83, however, has left businesses tasked with compliance with little to guide them apart from the text of the statute itself. This may soon change. The recently filed suits generally allege that defendants violated the Shine-the-Light Law by not providing California residents with necessary information to find out what information of theirs has been shared. Until courts determine whether consumers may collect civil penalties for violations of the statute, precise compliance with its technical requirements is critical as plaintiffs' lawyers will look for any opportunity to sue regardless of how well-intentioned and proactive companies have been about their privacy policies and efforts.

Premium Content For:
  • Litigation Section
Join - Now