California fines clothing retailer, orders changes in privacy business practices

The California Privacy Protection Agency (CPPA) on Tuesday announced a six-figure fine and an order demanding significant business practice changes for a national clothing retailer which allegedly used a flawed privacy portal.

Todd Snyder, Inc. will have to pay $345,000 and fix poor technical infrastructure which led it to block consumers from opting out of the sale or sharing of their personal data, the CPPA said.

The firm also allegedly forced customers to give it more data than was needed to resolve their opt-out requests.

In addition to paying a fine, the company also agreed to properly configure its mechanisms for  managing customer opt-out preferences, the CPPA said.

Officials at the retailer also have agreed to train its employees on CPPA compliance requirements.

“Opt-out rights are one way for Californians to assert control over their personal information and

protect themselves from real harms,” said Tom Kemp, the CPPA’s Executive Director. “Our Enforcement Division is scrutinizing what businesses are doing to honor Californians’ privacy rights.”

In March, the agency fined American Honda Motor Co. $633,000 and ordered changes to its business practices for violating the state’s privacy law. It also has recently fined several data brokers for failing to register as part of an enforcement sweep.