By Ben Brook
August 26, 2022â˘1 min read
As you may have seen, earlier this week the California Attorney General Rob Bonta announced a $1.2M settlement with Sephora over their alleged failure to process requests to opt out of sale received via user-enabled signals like Global Privacy Control (GPC).Â
The AG emphasized that honoring GPC signals is not optional, and noted that his department found hundreds of additional online businesses that were out of compliance in their sweep.Â
As the first CCPA enforcement action to date, this settlement brings some long-awaited clarity to the question of what enforcement may look like. But with the Attorney Generalâs emphasis on the GPC signal and the 30-day cure period approaching its end-date (having been eliminated by CPRA), the settlement raises new, pressing questions in terms of how companies should respond.
First and foremostâif youâre using Transcend Consent, youâre already honoring GPC.
Transcend Consent provides out-of-the-box GPC and Do Not Sell support. Importantly, Consent also automatically appends the right restricted data processing flags (like Facebook LDU) for your ad tech, and integrates across our privacy platform to ensure opt outs are fully honored even if your company is doing some data sharing on your backend.Â
You can learn more in our full guide to CA Do Not Sell or Share. Weâre also hosting a learning session next Thursday, September 1 on the topicâyou can register to attend here.
As always, donât hesitate to reach out if you have any further questions. Weâre excited to see California continuing to lead the charge on giving consumers greater control over their data, and to partner with you to stay well ahead of the privacy curve.
By Ben Brook