California Attorney General Rob Bonta announced a settlement with DoorDash, resolving allegations that the company violated the California Consumer Privacy Act and the California Online Privacy Protection Act. The investigation by the California Department of Justice found that DoorDash sold its California customers’ personal information without providing notice or an opportunity to opt out of that sale in violation of both the CCPA and CalOPPA. The sale occurred in connection with DoorDash’s participation in a marketing cooperative, where businesses contribute the personal information of their customers in exchange for the opportunity to advertise their products to each other’s customers. Today’s enforcement action alleges that this was a sale of personal information under the CCPA, that DoorDash violated the CCPA’s requirements for businesses that sell personal data, and that it failed to cure these violations. The complaint also alleges that DoorDash violated CalOPPA by failing to state in its posted privacy policy that it disclosed personally identifiable information, like a consumer’s home address, to the marketing cooperatives. Marketing cooperatives enable businesses to trade personal information, which can lead to the widespread dissemination of private consumer data, including to data brokers and other companies that are not members of the marketing cooperative. As part of the settlement, DoorDash will pay a $375,000 civil penalty and comply with strong injunctive terms.
Published first on TheFly – the ultimate source for real-time, market-moving breaking financial news. Try Now>>
See today’s best-performing stocks on TipRanks >>
Read More on DASH: