Written by: Kimberlynn Wilson
California has traditionally presented a complex legal environment for employers. In recent years, numerous laws have been enacted and amended, introducing new obligations for employers and providing protections for both employees and consumers. To support these measures, California has established state agencies responsible for overseeing compliance, enforcement, and investigation of consumer claims. Recently, two state agencies have increased their enforcement efforts.
The California Privacy Protection Agency (“CPPA”) was established in 2020 following the enactment of Proposition 24, the California Privacy Rights Act (“CPRA”), which amends the California Consumer Privacy Act of 2018. The CPPA is responsible for overseeing and enforcing the law, providing education about consumers’ rights, and informing companies and businesses of their obligations under the law. A list of consumer rights for California residents and obligations for covered businesses is available on their website here.
In recent months, the CPPA has stepped up enforcement efforts and continues to target businesses for non-compliance with certain practices. One obligation that covered businesses must adhere to is providing consumers with a “clear and conspicuous” option to opt-out of the sale or sharing of their personal information for cross-context behavioral advertising. This Fisher Phillips article outlines a recent enforcement action by the CPPA against an automotive company for not meeting the opt-out requirements, resulting in a $375,000 fine.
Another California agency that has stepped up enforcement in recent months is the California Civil Rights Department (“CRD”). The CRD is responsible for overseeing and enforcing California’s Fair Chance Act (“FCA”), which imposes various obligations on employers concerning inquiries into criminal history and the consideration of criminal records in hiring and employment decisions.Over the past year, there has been an increase in administrative actions and lawsuits related to alleged FCA violations, prompting the CRD to enforce stricter compliance with FCA requirements.
This month, the CRD issued a press release announcing a $50,000 settlement with Tehama County concerning alleged FCA violations. The CRD received a complaint from a Tehama County applicant in 2024, alleging that Tehama County failed to notify the applicant of an initial decision to revoke a job offer and did not provide an opportunity for the applicant to present evidence of rehabilitation. The full press release can be accessed here.
As various California agencies, such as the CPPA and the CRD, continue to monitor and enforce their respective regulations, employers should review their data protection and privacy policies, as well as their background screening forms and procedures.
How can Validity assist?
Our Compliance Automation Software (CAS) offers a streamlined and secure solution to help manage and efficiently administer your Fair Credit Reporting Act (FCRA) required documents, as well as other state-specific disclosures. To learn more about CAS, please call 913.322.5999 or email clientservices@validityscreening.com to connect with a member of our Client Experience team.
