California Regulators Hit Sephora with $1.2M Fine
Thursday, September 8, 2022
Regulators have roared back from a pandemic-induced stupor that seemingly tamped down some of the most aggressive actions at their disposal—as Sephora recently became painfully aware.
The action by California regulators underscores the need for federal privacy legislation. “Whilst being good news for consumers, this is an alarming trend for businesses. Contrasted to the EU, in the United States, there is still no nationwide and overarching privacy legislation on the federal level, pushing individual states to legislate on the matter and fill the gap,” said Ilia Kolochenko, founder of ImmuniWeb and a member of Europol Data Protection Experts Network. “If the trend persists, in a decade, we will have 50 heterogeneous privacy and data protection regimes, making business in the U.S. impossible both for domestic and foreign companies.”
State privacy laws are often more permissive than Europe’s GDPR, but some states, like California, have enacted harsher laws and other have honed in on specific aspects of data protection like biometric data in Illinois. “Contrariwise, in other states, there is no privacy legislation whatsoever, leaving consumers without any protection. Such polarized and incongruent enforcement from one state to another undermines the predictability and certainty of the legal landscape,” said Kolochenko. “That being said, federal legislation that would finally harmonize the American data protection regime is urgently needed.” Read Full Article