How many retailers have reported metrics regarding their data subject requests?
Free Article Limit This Month
The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Specifically, businesses must publicly report:
- The number of access requests that the business received, complied with in whole or in part, and denied;
- The number of deletion requests that the business received, complied with in whole or in part, and denied;
- The number of do-not-sell requests that the business received, complied with in whole or in part, and denied; and
- The median or mean number of days within which the business substantively responded to requests to know, requests to delete, and requests to opt out. [1]
Based upon a review of the websites of the Fortune 500, 40.5% of Fortune 500 retailers have reported the metrics referenced in the CCPA Regulations.[2]
[1] Cal. Code Regs. tit. 11, § 999.317(g) (2021).
[2] Review was conducted in August 2021.
ALM expressly disclaims any express or implied warranty regarding the OnPractice Content, including any implied warranty that the OnPractice Content is accurate, has been corrected or is otherwise free from errors.
Accept
My
Account
