California Joins Multi-State Enforcement Action on Global Privacy Control

California, Colorado, and Connecticut investigate potential noncompliance with the Global Privacy Control, signaling heightened scrutiny of data privacy practices.

On September 9, 2025, California Attorney General Rob Bonta, the California Privacy Protection Agency (CPPA), and the attorneys general of Colorado and Connecticut announced a joint investigative action involving potential noncompliance with the Global Privacy Control (GPC). The GPC is a user-enabled privacy setting that allows individuals to express their data-sharing preferences across websites. This multi-state enforcement action underscores the increasing emphasis on protecting consumer privacy and ensuring compliance with state privacy laws.

• California, Colorado, and Connecticut are investigating potential noncompliance with the Global Privacy Control.

• The GPC allows individuals to express their data-sharing preferences across websites.

• The enforcement action highlights the growing importance of consumer privacy protections.

• Organizations may face increased scrutiny regarding their data privacy practices.

CONCLUSION

This enforcement action signifies a robust approach by state authorities to uphold data privacy standards. Organizations operating across multiple states must be vigilant in adhering to varying state privacy laws and consumer protection regulations. The emphasis on tools like the Global Privacy Control indicates a shift towards empowering consumers with more control over their personal data, necessitating businesses to implement transparent and compliant data handling practices.

Source:

Fall 2025 Regulatory Roundup: Top U.S. Privacy and AI Developments for Businesses to Track | Hinshaw & Culbertson - Privacy, Cyber & AI Decoded - JDSupra