Arbonne breach to test the California Consumer Privacy Act 

Arbonne breach to test the California Consumer Privacy Act 

According to reports, an April 23 breach into the databases of multi-level marketing company Arbonne International exposed personally identifiable information for some 3,500 California residents.  While such occurrences are sadly not all that shocking these days, this breach will likely be one of the first tests for the California Consumer Privacy Act (CCPA), which protects “consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses.”

One aspect that will likely garner close attention will be the size of the penalties issued under the CCPA and what they could mean for Arbonne’s future. Intentional violations of the California Consumer Privacy Act can bring civil penalties of up to $7500 for each violation in a lawsuit brought by the California Attorney General on behalf of the people of the State of California. The maximum fine for other violations is $2500 per violation.

Almost half of a four-page information sheet from Arbonne describing the hack makes multiple references to the California statute, and how the company is adhering to the requirements of Cal. Civ. Code 1798.82 (h)(2).

Arbonne disclosed that on April 23 it discovered a “data table containing limited personal information may have been accessible to [an] unauthorized actor.” The company provided preliminary notification to the impacted 3,527 California individuals, among others not mentioned in the announcement. By May 22, the California residents received additional written details about what happened and how their passwords may have been compromised. Other compromised information included user name and address.

California consumers whose information had been exposed are being offer free credit monitoring and protections against identity theft, both as required by the statute. Arbonne reported the incident to the FBI and relevant regulators, and is continuing the investigation.

About the Author

Chris Versace, Chief Investment Officer
I'm the Chief Investment Officer of Tematica Research and editor of Tematica Investing newsletter. All of that capitalizes on my near 20 years in the investment industry, nearly all of it breaking down industries and recommending stocks. In that time, I've been ranked an All Star Analyst by Zacks Investment Research and my efforts in analyzing industries, companies and equities have been recognized by both Institutional Investor and Thomson Reuters’ StarMine Monitor. In my travels, I've covered cyclicals, tech and more, which gives me a different vantage point, one that uses not only an ecosystem or food chain perspective, but one that also examines demographics, economics, psychographics and more when formulating my investment views. The question I most often get is "Are you related to…."

Comments are closed.