Calif. Privacy Agency Orders National Public Data to Pay $46K Fine
Days after an enforcement action against menswear retailer Todd Snyder, the California Privacy Protection Agency said its board ordered National Public Data to pay a $46,000 fine, the maximum allowed. The now-closed data broker failed to register as a data broker and pay an annual fee, as the California Delete Act requires, the CPPA said Thursday.
Sign up for a free preview to unlock the rest of this article
The CPPA announced in February that it was seeking the fine from the Florida-based data broker as part of an investigative sweep of Delete Act compliance (see 2502200041). Last October, the CPPA Enforcement Division filed a claim against National Public Data in the U.S. Bankruptcy Court for the Southern District of Florida, alleging that the company must pay an administrative fine for failing to register with the CPPA, the agency said.
Under state law, data brokers must pay $200 every day they fail to register with the CPPA. Companies that operated as data brokers in 2023 were required to register on Jan. 31, 2024. National Public Data registered 230 days late, on Sept. 18, the CPPA alleged.
The company filed for bankruptcy after confirming that a data breach in April 2024 exposed 2.9 billion records, including names and social security numbers.
“We will litigate and bring enforcement actions when businesses violate California's privacy laws,” said Michael Macko, the privacy agency’s head of enforcement.
The CPPA fined Todd Snyder about $345,000 for alleged CCPA violations earlier this week (see 2505050066).