California AG Fines Healthline $1.55M for CCPA Data Sharing Violations
California Attorney General Rob Bonta has announced a record $1.55 million settlement with Healthline Media LLC (Healthline) for alleged violations of the California Consumer Privacy Act (CCPA). The settlement is the largest monetary penalty to date for such a violation.
Healthline improperly shared data with third parties, including details of articles consumers accessed that could suggest they had been diagnosed with a serious medical condition. This happened despite the company's website, healthline.com, failing to allow consumers to opt out of targeted advertising despite having an opt-out feature. The settlement requires Healthline to comply with the CCPA, including providing notice of data sales or sharing and processing consumer opt-out requests. The company must also implement a three-year compliance program, including annual reports to the Cal AG. The settlement prohibits Healthline from sharing the titles of any articles accessed by consumers that could imply they had received a specific medical diagnosis.
The settlement follows similar enforcement actions against Honda and Todd Snyder for deficient consumer opt-out processes. The Cal AG's focus on opt-out functionality and contract scrutiny highlights the need for businesses to test opt-out mechanisms and audit third-party relationships.
Healthline has agreed to pay a $1.55 million penalty for CCPA violations. The settlement requires the company to improve its data handling practices and comply with consumer opt-out requests. This marks a significant step in enforcing consumer privacy rights in California.
