United States of America: California Privacy Protection Agency announced settlement with PayDae and The Data Group over registration violations under Delete Act (SB 362)

On 19 December 2024, the California Privacy Protection Agency (CPPA) announced the settlement of its investigation into two data brokers, PayDae, Inc. (Infillion) and The Data Group, LLC, for failing to comply with the registration and fee payment requirements outlined in the Delete Act (SB 362). Infillion was fined USD 54,200 and The Data Group LLC USD 46,600 for not registering with the California Data Broker Registry by the required deadline. The Act requires data brokers, defined as businesses that collect and sell consumers' personal information without direct interaction, to register with the CPPA and pay an annual fee. Specifically, data brokers must register with the CPPA by 31 January if they operated in the previous year or face penalties of USD 200 per day for non-compliance. The Act also requires data brokers to disclose consumer deletion requests, their response times, and the specific types of data they handle, such as minors and geolocation data.