- Topics
- Regions
- Events
- Webcasts
- Resources
- CW Exclusives
- Membership
“For tracking litigation, enforcement, and regulatory developments, Compliance Week
should be your prime source.”- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
Sephora fined $1.2M in first public CCPA enforcement
By 
Adrianne Appel2022-08-25T18:47:00
Cosmetics retailer Sephora agreed to pay $1.2 million in the first public enforcement action under California’s landmark consumer privacy law.
Sephora violated the California Consumer Privacy Act (CCPA) and sold consumers’ personal data after they had requested their information not be sold, California Attorney General Rob Bonta said in a press release Wednesday.
The CCPA, which took effect in 2020, is the country’s first and only active comprehensive state data privacy law. Since the start of 2021, Virginia, Colorado, Utah, and Connecticut have passed privacy laws of their own, each set to take effect in 2023. Congress is considering whether a federal data privacy law is needed and how strong the protections should be.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefDoorDash fined $375K in second public CCPA enforcement
Food delivery company DoorDash agreed to pay a $375,000 fine as part of a settlement announced by California Attorney General Rob Bonta addressing alleged violations of the California Consumer Privacy Act.
-
OpinionLegacy of CCPA: A blueprint for prioritizing compliance
Three years in, the promise of the California Consumer Privacy Act as a means of handing down eye-watering penalties against companies for data protection violations remains unfulfilled. And yet, the expanding U.S. data privacy legislation landscape is better for this.
-
PremiumCalifornia ‘setting the tone’ for privacy push with CPRA updates
Changes to the California Consumer Privacy Act set to come over the course of 2023 strengthen the nation’s first comprehensive state privacy law to a benchmark no other states have yet to equal.
More from Regulatory Enforcement
-
News BriefFCA dings Infinox in first fine under U.K. capital market reforms of 2018
The U.K. Financial Conduct Authority issued a landmark fine against trading platform Infinox Capital for failing to report “high-risk” transactions, the first-ever enforcement under a 2018 law.
-
News BriefKuCoin latest crypto firm to pay hefty price for violating BSA with $297M penalty
The Sechelles-based owner of cryptocurrency exchange KuCoin has agreed to pay nearly $300 million in penalties–and cease doing business in the U.S. for two years–to settle charges that it failed to properly monitor potential criminal activity on its network.
-
News BriefDOJ indicts five in remote IT work scheme to circumvent North Korean sanctions
Five people, including two Americans, allegedly duped U.S. companies into hiring North Koreans for contract IT work, and funneled millions in U.S. dollars to the sanctioned regime, the Department of Justice said.