California AG Launches “Surveillance Pricing” Investigation – Action Required

California Attorney General Rob Bonta announced an unprecedented investigative sweep into “surveillance pricing” practices by grocers, hotels, and retailers, marking the first state-level inquiry targeting personalized pricing under data privacy laws.

What is Surveillance Pricing?

Surveillance pricing uses consumer personal information — such as location, browsing history, or demographic data — rather than market forces to set individualized prices. The result: customers purchasing identical products at the same time from the same business may face dramatically different prices.

The Investigation

The AG’s office will demand answers from businesses about the following issues:

• How they use consumer personal information to set prices;
• Their policies and public disclosures on personalized pricing;
• Pricing experiments they’ve conducted; and
• Compliance measures for algorithmic pricing, competition, and civil rights laws.

Legal Implications

AG Bonta asserts that surveillance pricing may violate California’s Consumer Privacy Act (CCPA) and other state laws governing algorithmic pricing, antitrust, and discrimination. This multi-pronged approach signals that the investigation extends far beyond data privacy into broader consumer protection territory.

The Instacart Connection

While not explicitly cited, this sweep follows Consumer Reports’ exposé of Instacart’s algorithmic pricing disparities and the Federal Trade Commission’s subsequent civil investigative demand. Instacart ultimately terminated its AI-driven pricing experiments after admitting customers paid different prices for identical items.

Potential Penalties

Companies face substantial exposure:

• CCPA violations: $2,500 per violation; $7,500 per intentional violation
• Additional penalties under California’s antitrust and consumer protection statutes

Immediate Action Items for California Businesses

If your business uses algorithmic pricing or personalized pricing strategies, act now:

1. Audit your pricing systems: Identify whether algorithms differentiate prices based on individual consumer characteristics. Ask critical questions:

• • Does your platform assign genders to products or consumers?
  • Does it use geographic data as a proxy for protected classes?
  • Does it display different prices based on buyer attributes?

2. Review data collection practices: Verify that consumer data collection and usage comply with the CCPA and other privacy laws.
3. Update privacy policies: Ensure disclosures accurately reflect your data collection and pricing practices under current California law.
4. Prepare for AG inquiry: Be ready to provide detailed explanations of pricing practices, data usage, and compliance measures.

Bottom Line

This investigation represents a paradigm shift — applying data privacy and consumer protection frameworks to algorithmic pricing for the first time. Proactive compliance now can mitigate enforcement risks, avoid substantial penalties, and preserve customer trust in an increasingly regulated marketplace.