SHARE

October 27, 2021

How many retailers have reported metrics regarding their data subject requests?

You've Reached Your
Free Article Limit This Month
Register for free to get unlimited access to all Law.com OnPractice content.
Register Now

The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Specifically, businesses must publicly report:

  • The number of access requests that the business received, complied with in whole or in part, and denied;
  • The number of deletion requests that the business received, complied with in whole or in part, and denied;
  • The number of do-not-sell requests that the business received, complied with in whole or in part, and denied; and
  • The median or mean number of days within which the business substantively responded to requests to know, requests to delete, and requests to opt out. [1]

Based upon a review of the websites of the Fortune 500, 40.5% of Fortune 500 retailers have reported the metrics referenced in the CCPA Regulations.[2]


[1] Cal. Code Regs. tit. 11, § 999.317(g) (2021).

[2] Review was conducted in August 2021.

ALM expressly disclaims any express or implied warranty regarding the OnPractice Content, including any implied warranty that the OnPractice Content is accurate, has been corrected or is otherwise free from errors.

More From Greenberg Traurig

Can a business require a consumer to submit a declaration under penalty of perjury in order to prove their identity?

By David A. Zetoony Greenberg Traurig November 22 , 2022

The regulations implementing the CCPA require that a business verify the identity of a consumer that submits a specific-information access request to a “reasonably high degree of certainty.”

FINRA Targeting Crypto Asset Retail Communications

By William B. Mack Greenberg Traurig November 22 , 2022

The Financial Industry Regulatory Authority (FINRA) in November 2022 released a targeted exam letter pertaining to communications for crypto products and services.

New York State Cannabis Control Board Releases Proposed Adult-Use Regulations

By Lynelle K. Bosworth Greenberg Traurig November 22 , 2022

On Nov. 21, 2022, the New York State Cannabis Control Board (CCB) approved draft regulations governing the Adult-Use Cannabis program.

More From Consumer Protection

Can a business require a consumer to submit a declaration under penalty of perjury in order to prove their identity?

By David A. Zetoony Greenberg Traurig November 22 , 2022

The regulations implementing the CCPA require that a business verify the identity of a consumer that submits a specific-information access request to a “reasonably high degree of certainty.”

What is the difference between a category-level access request and a specific-information access request?

By David A. Zetoony Greenberg Traurig November 21 , 2022

The CCPA and its implementing regulations identify six types of information requests that a consumer can submit to a business.

CPRA's effective date is around the corner… but how many businesses actually updated their privacy policies the first time for the CCPA?

By David A. Zetoony Greenberg Traurig November 18 , 2022

In order to help businesses understand and benchmark industry practice, Greenberg Traurig attorneys analyzed the publicly available privacy policies of companies within the Fortune 500.

Featured Stories
Closeclose
Search
Menu

Working...