On February 22, 2024, California Attorney General Rob Bonta issued letters (the “AG Letter”) to California’s 197 state-chartered banks and credit unions warning that overdraft and returned deposited item fees may violate California’s Unfair Competition Law (UCL) and the federal Consumer Financial Protection Act (CFPA). The AG Letter encourages the institutions to review their practices and policies regarding: “(1) surprise overdraft fees, which are assessed even when a consumer cannot reasonably anticipate that a debit or checking transaction will overdraw their account; and (2) returned deposited item fees, which are assessed when a consumer deposits a check that is returned, even when the consumer has no knowledge of or control over the circumstances that caused the check to be returned.”… Continue Reading
California Attorney General
California Attorney General Shows No Sign of Slowing CCPA Rulemaking with Fourth Set of Proposed Modifications
The California Attorney General’s Office recently released a fourth set of proposed regulatory modifications to the California Consumer Privacy Act (the “CCPA”).
As background, the Attorney General’s Office had only just recently given notice of a third set of modifications on October 12, 2020. The third set of modifications revised the regulations relating to the notice of a consumer’s right to opt-out of the sale of their personal information. … Continue Reading
California Poised to Enact Internet of Things Information Security Law
California is once again poised to set the standard for privacy and data security by enacting the first state law directed at securing Internet of Things (IoT) devices. The law has passed the state legislature and is awaiting the signature of Governor Jerry Brown. It requires manufacturers of “connected devices” to equip them with “a reasonable security feature or features” that are:
- appropriate to the nature and function of the device;
- appropriate to the information the device may collect, contain or transmit; and
- designed to protect the device and any information contained in it from unauthorized access, destruction, use, modification, or disclosure.