California Legislation Updates

California Provides Defendants Additional Exemptions from Slack Fill Liability

Geoff Pittman
November 27, 2018

In response to an ever-increasing number of class action lawsuits claiming consumer deception based on the amount of empty space in product packaging, California recently amended its slack fill statutes to provide manufacturers with additional exemptions to avoid liability. For those who are unfamiliar, slack fill is defined as non-functional empty space in opaque product packaging. Federal regulations (21 C.F.R. § 100.100) and California law (California Business and Professions Code Sections 12606 and 12606.2) generally prohibit “non-functional slack fill,” subject to certain exemptions for companies to avoid liability for functional slack fill in their products. The argument frequently raised by plaintiffs is that the non-functional space in food and beverage products misleads consumers, causing them to think that they are buying more product than they actually receive. These lawsuits have had limited success on the merits, but still present risk for food and beverage companies given litigation costs and precedent allowing some cases to proceed beyond the motion to dismiss phase of litigation.

Before the recent California amendment, the exemptions for functional slack fill included protecting the contents in the package, machine requirements to close packaging, and to allow for settling during shipping, among others. California Assembly Bill 2632, which was recently signed into law by Governor Brown, provides defendants with several new exemptions from liability, in an attempt to reduce the spate of largely unsuccessful class action lawsuits. Specifically, Assembly Bill 2632 amends California Business and Professions Code Sections 12606 and 12606.2 to provide the following new exemptions:

(1) exempts packaging that does not allow the consumer to view or handle the physical container or product (i.e., products sold online);

(2) exempts product packaging that clearly and conspicuously depicts the product “fill line” on the exterior packaging or the immediate product container if visible at the point of sale; and

(3) exempts food containers where the actual size of the product is clearly and conspicuously displayed on exterior packaging (excluding the bottom), accompanied by a clear and conspicuous disclosure that the depiction is the “actual size” of the product.

These exemptions will provide defendants with additional defenses to slack fill claims in California and are a welcomed development given the large number of costly slack fill claims being raised year in and year out. Food and beverage companies in particular should review their product packaging and take steps to ensure that any slack fill in their product packaging falls under one of the exemptions provided for under California law. Hopefully, the additional clarity and exemptions provided by AB 2632 will curtail the continued explosion of consumer class action lawsuits alleging slack fill violations.

California Passes Law Requiring Data Breach Notification for Stolen Encryption Keys

Everett Monroe
September 14, 2016

Governor Brown signed into law AB 2828, which will update California’s breach notification statute.  The law addresses encrypted Personally Identifiable Information that has been breached in the event that the encryption keys are also compromised. The law will go into effect January 1st.

AB 2828 seeks to close a loophole in California’s current data breach notification law, Civil Code Section 1798.82, under which a business must notify affected persons of a data breach where unencrypted personal information is lost. Presently, Section 1798.82 does not expressly require notification where the lost data was encrypted and the encryption key was also lost or improperly disclosed. That data would be at as much risk as unencrypted information, but there is no requirement to notify affected individuals. But requiring companies to report all data breaches where encrypted information was lost but the key remains secure may result in notifications to individuals who are not in serious risk of identity theft, fraud, or loss of privacy.

Continue reading California Passes Law Requiring Data Breach Notification for Stolen Encryption Keys