A Third Set of Modifications to the CCPA Regulations
This week, the California Department of Justice again announced a third set of proposed modifications made to the CCPA regulations summarized below.
- Examples were given of how businesses collecting personal information from consumers offline can provide the notice of right to opt-out of the sale of personal information through an offline method.
- Guidance was provided on how submitting requests to opt-out should be easy and require minimal steps.
- Methods must be designed to avoid subverting or impairing a consumer’s choice to opt-out.
- A request to opt-out shall not require more steps than that business’s process for a consumer to opt-in to the sale of personal information after having previously opted out.
- Do not use confusing language, such as double negatives (e.g., “Don’t Not Sell My Personal Information”), when providing consumers, the choice to opt-out.
- Don’t require consumers to click through or listen to reasons why they should not submit a request to opt-out before confirming their request.
Don’t require the consumer to provide personal information that is not necessary to implement the request.
- Clarification that a business may require an authorized agent to provide proof the consumer gave permission or may require a consumer to verify their request.
- Clarification that businesses that have actual knowledge that they sell the personal information of minors are required to include in their privacy policies a description of their method for verifying that the person authorizing the sale of a child’s data is actually that child’s parent or guardian.
In the meantime, the WireWheel Privacy Management Platform and DSAR Automation tools are here to help!
Suggested Blog Posts
Written by Rick Buck, Chief Privacy Officer, WireWheel Remember Do Not Track (DNT), the web browser setting that...
On December 9, just one week after WireWheel’s SPOKES Privacy Technology Conference, where the concept of a U.S....
On December 10, 2020, the California Attorney General proposed new modifications to the CCPA. The proposed...
In the plenary session of WireWheel’s SPOKES Privacy Conference two central figures in crafting transatlantic data...
On November 17, the Canadian government drafted new privacy legislation that would make significant changes to their...