In a landmark disclosure that will put the burning issue to bed in the eyes of the public, state Attorney General Rob Bonta has said Sephora Inc., one of the world’s largest cosmetics retailers, has settled a lawsuit claiming that the company sold customer information without proper notice in violation of the California’s landmark consumer privacy law.
State officials noted that Sephora failed to tell customers that it was selling their personal information, failed to allow customers to opt out of that sale, and didn’t fix the problem within 30 days as required by the law, even after it was notified of the violation.
However, according to Bonta, the company agreed to pay $1.2 million and immediately correct the problem under the settlement, the state’s first such enforcement action under the California Consumer Privacy Act.
In a statement, Sephora said it is already complying with the state law after cooperating with Bonta’s office.
Bonta said “Data is power, and these days everyone wants it. Some of the most intimate details about your life are being harvested.
“The more data a company has on you, the more power they have over you, the more they can target you to buy their goods and services.”
However, state law gives consumers a way to block that collection and sale. Records have it that the act was passed by state lawmakers in 2018 and expanded by voters in 2020. It gives California, home to Silicon Valley, what is viewed as the strongest U.S. data privacy law, providing consumers with the right to know what information companies collect about them online, to get that data deleted and to opt-out of the sale of their personal information.
In a recent move, the Attorney General’s office has warned more than 100 companies that they were out of compliance and sent more than a dozen new notices. Bonta said the “vast majority” complied, but not Sephora, which sells cosmetics, perfumes, beauty and skincare products in 2,700 stores in 35 countries.
The AG continued that “Their actions compared to others was egregious,” adding that the settlement should be a warning to other companies that don’t comply.
The company, which was founded in France and has its U.S. headquarters in San Francisco, did not admit any liability or wrongdoing under terms of the settlement.
In a statement, Sephora said the company “respects consumers’ privacy and strives to be transparent about how their personal information is used to improve their Sephora experience.”
The company also noted that it allowed customers to opt-out of the sale of personal information starting in November 2021.
Sephora said its tracking allows it “to provide consumers with more relevant Sephora product recommendations, personalized shopping experiences and ads” but that customers can now “opt-out of this personalized shopping experience” easily.
Bonta said Sephora allowed third-party companies to install tracking software that allowed them to build detailed consumer profiles that allowed them to better target customers. But on its website it promised “we do not sell personal information,” according to the lawsuit.
According to official reports, the 30-day grace period for companies violating the law will end next year, when companies will be required to be in compliance without warning.
In a landmark move, Bonta’s office will begin sharing enforcement responsibility with a new California Privacy Protection Agency next year, reports said.
SUPPORT NIGERIAN CANADIAN NEWS
If you like our work and want to keep enjoying what we offer, kindly support us by donating to the Nigerian Canadian News through the button below
Share your thoughts in the comments section below
Do you want to share any news or information with us? If yes, contact the publisher at email@example.com