MONTH-IN-BRIEF (Aug 2022)
CCPA Settlement: Retailer Accused of Violation of Privacy Laws Agrees to Pay $1.2 Million Penalty to California Attorney General
By Alan S. Wernick, Esq., Aronberg Goldgehn
In the California Attorney General’s (“CAG”) ongoing enforcement of the California Consumer Privacy Act of 2018 (“CCPA”), retailer Sephora USA, Inc. (“Sephora”), entered into a recent settlement agreement to resolve allegations that they violated the CCPA. Sephora, without making any admissions concerning allegations against it, agreed to, among other things, the following:
- Pay CAG $1.2 million dollars in penalties.
- Clarify Sephora’s online disclosures and privacy policies to include an affirmative representation that it sells consumers’ data, and provide processes for consumers to opt out of the sale of personal information, including via the Global Privacy Control.
- Provide reports to the CAG relating to Sephora’s sale of personal information and its efforts to honor Global Privacy Control. These reports will include the identities of all entities to which Sephora makes available the consumer’s personal information, and whether such entity is considered, under CCPA, to be a service provider.