California Privacy Agency Cracks Down on Another Business For Deficient Opt-Out Practices: 3 Action Steps For Your Company
For the second time in a week, California privacy regulators announced a significant fine against a business for failing to satisfy California Consumer Privacy Act’s (CCPA) “clear and conspicuous” opt-out requirements. T he California Privacy Protection Agency fined Ford Motor Company $375,000 fine on March 5, finding that the automaker’s process for letting consumers opt out of having their personal information sold or shared created “unnecessary friction” in violation of the CCPA . These back-to-back enforcement actions should serve as a wake-up call for businesses to ensure their opt-out policies can withstand regulators’ scrutiny. What happened in this matter, and what lessons can you learn from the fine? What Happened? The agency found that Ford’s opt-out process required consumers to verify their email address prior to opting out of the sale and/or sharing of their personal information . If consumers did not complete the email verification step, Ford did not process their opt-ou...