California fines clothing retailer, orders changes in privacy business practices
The California Privacy Protection Agency (CPPA) on Tuesday announced a six-figure fine and an order demanding significant business practice changes for a national clothing retailer which allegedly used a flawed privacy portal.
Todd Snyder, Inc. will have to pay $345,000 and fix poor technical infrastructure which led it to block consumers from opting out of the sale or sharing of their personal data, the CPPA said.
The firm also allegedly forced customers to give it more data than was needed to resolve their opt-out requests.
In addition to paying a fine, the company also agreed to properly configure its mechanisms for managing customer opt-out preferences, the CPPA said.
Officials at the retailer also have agreed to train its employees on CPPA compliance requirements.
“Opt-out rights are one way for Californians to assert control over their personal information and
protect themselves from real harms,” said Tom Kemp, the CPPA’s Executive Director. “Our Enforcement Division is scrutinizing what businesses are doing to honor Californians’ privacy rights.”
In March, the agency fined American Honda Motor Co. $633,000 and ordered changes to its business practices for violating the state’s privacy law. It also has recently fined several data brokers for failing to register as part of an enforcement sweep.
Suzanne Smalley
is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.