Washington Data Broker Agrees to Pay Fine for Failing to Register

News:

SACRAMENTO, CA — The California Privacy Protection Agency (CPPA) Board has ordered a Bellevue, Washington-based data broker, Accurate Append, Inc., to pay a $55,400 fine for failing to register and pay an annual fee as required by the Delete Act. The fine is the result of a continued investigative sweep of data broker registration compliance, announced on October 30, 2024.

Accurate Append will pay $55,400 to resolve the Enforcement Division's claims that the company failed to register by the January 31, 2024 deadline for its activities in 2023. The data broker registered with CPPA only after the Enforcement Division had contacted Accurate Append during its investigation. In addition to the fine, the company agreed to injunctive terms, including agreeing to pay the Enforcement Division's attorney fees and costs resulting from any non-compliance.

“This settlement shows, once again, the peril faced by data brokers who fail to register,” said CPPA's head of enforcement, Michael Macko. “We are committed to bringing transparency to the data broker industry, and vigorous enforcement of California's registration requirement is one way to do that.”

The Delete Act requires data brokers to register and pay an annual fee that funds the California Data Broker Registry. The fees also fund the development of the first-of-its-kind deletion mechanism, called the Delete Request and Opt-Out Platform (DROP), that will allow consumers to direct all data brokers to delete their personal information in a single request. DROP will be available to consumers in 2026.

The CPPA's Recent Enforcement Actions to Protect Californians

The CPPA is actively enforcing California's cutting-edge privacy laws. Recent actions include:

  • Issuing a decision requiring a nationwide clothing retailer, Todd Snyder, Inc., to change its business practices and pay a $345,178 fine for CCPA violations.
  • Issuing a decision requiring American Honda Motor Co. to change its business practices and pay a $632,500 fine for CCPA violations — one of the highest fines in the law's history.
  • Securing a settlement agreement requiring data broker Background Alert — which promoted its ability to dig up “scary” amounts of information about people — to shut down or pay a steep fine.
  • Bringing an enforcement action against National Public Data, Inc., the Florida-based data broker responsible for a data breach that exposed millions of Americans' Social Security numbers and personal information.
  • Launching the bipartisan Consortium of Privacy Regulators to collaborate with states across the country to implement and enforce privacy laws nationwide.
  • Partnering with the data protection authorities in Korea, France, and the United Kingdom to share information and advance privacy protections for Californians.

These activities followed nearly a half-dozen enforcement actions brought against unregistered data brokers late last year, and an investigative sweep of data broker compliance with the Delete Act.

About Us

Established in 2020, the California Privacy Protection Agency was created to protect Californians' consumer privacy rights. The CPPA implements and enforces the California Consumer Privacy Act and the Delete Act. It is governed by a five-member Board that consists of experts in privacy, technology, and consumer rights.

Individuals can visit Privacy.ca.gov to access helpful and up-to-date information on how to exercise their rights and protect their personal information. In addition, the Agency's website provides important information about CPPA Board Meetings, announcements, and the rulemaking process.