Days after an enforcement action against menswear retailer Todd Snyder, the California Privacy Protection Agency said its board ordered National Public Data to pay a $46,000 fine, the maximum allowed. The now-closed data broker failed to register as a data broker and pay an annual fee, as the California Delete Act requires, the CPPA said Thursday.
No matter how aggressively the FTC under the Trump administration pursues privacy cases, state attorneys general are clearly ready to band together and enforce state laws, Safeguard Privacy General Counsel Andy Hepburn said Wednesday at the Privacy + Security Forum.
Correction: Todd Snyder agreed to pay a $345,178 fine to the California Privacy Protection Agency (see 2505050066).
The California Privacy Protection Agency (CPPA) dressed down national menswear retailer Todd Snyder with a $345,178 fine Tuesday for alleged violations of the California Consumer Privacy Act (CCPA).
The California Privacy Protection Agency (CPPA) dressed down national menswear retailer Todd Snyder with a $345,178 fine Tuesday for alleged violations of the California Consumer Privacy Act (CCPA). Closely following CPPA action last March against Honda, the Todd Snyder case is more than an enforcement action. It also “highlights a trend by this agency of looking beyond surface compliance with the CCPA,” Wiley privacy attorney Joan Stewart told us. The agency’s board adopted the enforcement decision May 1.
Comments are due June 2 on revised draft rules for the California Privacy Protection Agency’s rulemaking on automated decision-making technology (ADMT), risk assessments, cybersecurity, insurance and other rule changes, the CPPA decided Thursday.
The CPPA is pushing ahead with a rulemaking to implement a mechanism where consumers can request to delete their personal data, Executive Director Tom Kemp told the CPPA board at a livestreamed Thursday meeting. The agency announced last week that comments in the proceeding are due June 10 and there will also be a hearing that day (see 2504250012).
California Privacy Protection Agency Chairperson Jennifer Urban raised concerns Thursday about the extent of recent changes to draft rules on automated decision-making technology (ADMT), cybersecurity and other issues. “We’ve really cut to the bone, in terms of what is in line with the statute's requirements for the regulations we need to do, and in terms of the relative value to businesses and the relative value to the people … whose personal information is at stake,” she said at a livestreamed CPPA board meeting Thursday. Staff said the new draft reduced potential business costs in the first year by nearly two-thirds.
California and UK privacy regulators announced a formal cooperation pact Tuesday. The California Privacy Protection Agency signed a declaration of cooperation with the Information Commissioner’s Office (ICO), the CPPA said.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.