SHARE

October 27, 2021

How many retailers have reported metrics regarding their data subject requests?

You've Reached Your
Free Article Limit This Month
Subscribe now to get unlimited access to all Law.com OnPractice content. Your subscription is free.
Subscribe Now

The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Specifically, businesses must publicly report:

  • The number of access requests that the business received, complied with in whole or in part, and denied;
  • The number of deletion requests that the business received, complied with in whole or in part, and denied;
  • The number of do-not-sell requests that the business received, complied with in whole or in part, and denied; and
  • The median or mean number of days within which the business substantively responded to requests to know, requests to delete, and requests to opt out. [1]

Based upon a review of the websites of the Fortune 500, 40.5% of Fortune 500 retailers have reported the metrics referenced in the CCPA Regulations.[2]


[1] Cal. Code Regs. tit. 11, § 999.317(g) (2021).

[2] Review was conducted in August 2021.

ALM expressly disclaims any express or implied warranty regarding the OnPractice Content, including any implied warranty that the OnPractice Content is accurate, has been corrected or is otherwise free from errors.

More From Greenberg Traurig

Data transfers from a controller in the EEA, to another controller in the EEA, to a processor outside of the EEA

By David A. Zetoony Greenberg Traurig August 02 , 2022

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Workplace Safety Review: Episode 28 | Interview with Nadine Mancini

By Michael T. Taylor Greenberg Traurig August 01 , 2022

In this episode, Mike Taylor and Adam Roseman talk to Nadine Mancini, General Counsel for the federal Occupational Safety and Health Review Commission in Washington, D.C.

3rd Circuit Issues Practical Death Knell to Nationwide FLSA Collective Actions Involving Employers Not Subject to General Jurisdiction in Circuit

By James N. Boudreau Greenberg Traurig July 29 , 2022

On July 26, 2022, in a win for employers, the Third Circuit Court of Appeals issued a precedential opinion in Christa Fischer, et al. v. Federal Express Corp., et al, No. 21-1683, affirming a decision from the Eastern District of Pennsylvania that refused to allow two opt-in plaintiffs to join a putative collective action under the Fair Labor Standards Act (FLSA) because the proposed plaintiffs’ claims for unpaid overtime had no connection to Pennsylvania.

More From Consumer Protection

Data transfers from a controller in the EEA, to another controller in the EEA, to a processor outside of the EEA

By David A. Zetoony Greenberg Traurig August 02 , 2022

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Ransomware: To Pay or Not to Pay? It Just Got More Complicated

By Scott Ferber McDermott Will & Emery July 25 , 2022

When an organization experiences a ransomware attack, it must address significant—and sometimes competing—challenges under pressing deadlines.

Oregon Finalizes Student Loan Servicer Regulations with July 1 Effective Date

By Lisa M. Lanham Ballard Spahr July 14 , 2022

On June 27, the Oregon Department of Consumer and Business Services’ (“Department”) Division of Financial Regulation (“Division”) finalized new regulations implementing Senate Bill 485, which requires companies to obtain a license from the Division in order to service student loans in Oregon, unless an exemption applies.

Featured Stories
Closeclose
Search
Menu

Working...