THE HOME DEPOT, INC. | Assess Risks to Customers? Data Privacy Rights Due to Company?s Sharing of Custo at THE HOME DEPOT, INC.

Status
Filed
Previous AGM date
Resolution details
Company ticker
HD
Lead filer
Zevin Asset Management
Resolution ask
Report on or disclose
ESG theme
  • Social
ESG sub-theme
  • Digital rights
Type of vote
Shareholder proposal
Filer type
Shareholder
Company sector
Consumer Discretionary
Company HQ country
United States
Resolved clause
RESOLVED: Shareholders of The Home Depot Inc. (Home Depot or the Company) request the Board of Directors issue a report, at reasonable cost and omitting confidential, privileged, and proprietary information, assessing risks to customers data privacy rights arising from the Companys sharing of sensitive customer data with third parties, and describing any strategies beyond legal compliance the Company may deploy to mitigate those risks.
Supporting statement
Home Depot collects sensitive customer data, including gender, race, ethnicity, biometric, and precise geolocation, and states it may share this information with ?law enforcement, public, and government authorities?.  The Company also deploys Automated License Plate Reader cameras in its parking lots, provided by vendor Flock Safety, and notes it ?will maintain and periodically check our ALPR System access records.? [i] Flock Safety?s nationwide network aggregates data from all connected cameras and is accessible to federal authorities. [ii] Such practices may expose the Company to financial and legal risks, including potential data breaches and enforcement of evolving state privacy laws [iii] such as the California Consumer Privacy Act [iv] . The Company already faces reputational risks stemming from frequent immigration enforcement raids occurring near its stores and heightened public concerns regarding data privacy. [v] Home Depot?s dependence on vendor-managed and provided surveillance networks and audit reports, without independent verification, may create governance gaps that fail to detect risks of data misuse that extend beyond the Company?s original intent [vi] , [vii] , [viii] and hinder detection of unauthorized access or misuse. [ix] , [x]   Home Depot has faced privacy-related regulatory and legal actions, including a 2023 finding by Canada?s Privacy Commissioner that it shared e-receipt data with Meta without valid consent [xi] , and a class action in Illinois alleging violations of the Biometric Information Privacy Act for using facial recognition at self-checkout kiosks. [xii] Flock Safety faces mounting scrutiny for its weak cybersecurity and privacy safeguards, including authentication, cryptographic, and system design weaknesses. [xiii] Lawmakers also have called for a federal investigation of Flock Safety?s weak security protections, leaving license plate data vulnerable. [xiv] At the board's discretion, the requested report may include: Evaluation of legal, financial, and reputational risks associated with data-sharing by third-party surveillance vendors. Assessment of privacy and civil rights risks, including discrimination or wrongful detention from misuse of customer data, and Company processes for risk monitoring and mitigation. Disclosure of policies and strategies the Company uses to mitigate identified risks, which may include: Adopting opt-in consent for non-essential data sharing with government authorities Establishing independent third-party audits to verify vendor compliance and detect misuse Implementing stronger oversight of third-party vendors operating surveillance infrastructure on Company property     [i]   https://www.homedepot.com/privacy/privacy-and-security-statement#ALPR   [ii]   https://www.reuters.com/world/democratic-led-states-are-inadvertently-sharing-drivers-data-with-ice-officials-2025-11-12/   [iii]   https://iapp.org/resources/article/us-state-privacy-legislation-tracker/   [iv]   https://oag.ca.gov/privacy/ccpa   [v]   Home Depot Needs to Address ICE Raids - Bloomberg [vi]   https://centralcurrent.org/federal-immigration-agents-accessed-syracuse-drivers-data-through-secret-flock-safety-deal/   [vii]   https://www.vpm.org/news/2025-10-09/flock-safety-cameras-alprs-federal-immigration-enforcement-lehmann-kochis   [viii]   https://www.ftc.gov/news-events/news/press-releases/2023/12/rite-aid-banned-using-ai-facial-recognition-after-ftc-says-retailer-deployed-technology-without [ix]   https://www.muckrock.com/foi/danville-7714/foia-request-alpr-audit-186112/?ref=404media.co   [x]   https://www.404media.co/ice-taps-into-nationwide-ai-enabled-camera-network-data-shows/ [xi]   https://www.priv.gc.ca/en/opc-actions-and-decisions/investigations/investigations-into-businesses/2023/pipeda-2023-001/   [xii]   https://www.retailcustomerexperience.com/news/chicago-man-sues-home-depot-over-facial-recognition-at-self-checkout/ [xiii]   https://zenodo.org/records/17529424   [xiv]   https://krishnamoorthi.house.gov/media/press-releases/congressman-krishnamoorthi-senator-wyden-urge-ftc-investigate-surveillance  

DISCLAIMER: By including a shareholder resolution or management proposal in this database, neither the PRI nor the sponsor of the resolution or proposal is seeking authority to act as proxy for any shareholder; shareholders should vote their proxies in accordance with their own policies and requirements.

Any voting recommendations set forth in the descriptions of the resolutions and management proposals included in this database are made by the sponsors of those resolutions and proposals, and do not represent the views of the PRI.

Information on the shareholder resolutions, management proposals and votes in this database have been obtained from sources that are believed to be reliable, but the PRI does not represent that it is accurate, complete, or up-to-date, including information relating to resolutions and management proposals, other signatories’ vote pre-declarations (including voting rationales), or the current status of a resolution or proposal. You should consult companies’ proxy statements for complete information on all matters to be voted on at a meeting.