What is the difference between a category-level access request and a specific-information access request?
Free Article Limit This Month
The CCPA and its implementing regulations identify six types of information requests that a consumer can submit to a business. As the first five requests ask that a business respond with broad information about the type of information collected (as opposed to the actual information itself), they are often referred to as category-level access requests. As the sixth request asks that a business respond with the actual information the business collected about a consumer, it is often referred to as a specific-information request.
So, for example, if a consumer submitted a category-level request that asked a business what categories of personal information the business collected about the consumer, it might be sufficient for the business to respond by stating that it collected "identifiers" about the consumer, or it could respond more specifically by stating that it collected the consumer's name and email address. If the same consumer submitted a specific-information request to the same business, the business might respond by telling the consumer that it collected the name "John Smith" and the email address [email protected][1]
In practice, many companies don't separate category-level requests from specific-information requests when they discuss consumers' rights to request access to their information. Indeed, 52% of companies simply allow consumers to "access" their personal information or submit a "request to know" without specifically differentiating between the different types of access that might be requested.[2]
[1] See FSOR Appendix A at 121 (Response 392).
[2] Greenberg Traurig LLP reviewed the publicly available privacy notices and practices of 555 companies (the Survey Population). The Survey Population comprised companies that had been ranked within the Fortune 500 at some point in the past five years as well as additional companies selected from industries that are underrepresented in the Fortune 500. While the Survey Population does not fully match the current Fortune 500 as a result of industry consolidation and shifts in company capitalization, we believe that the aggregate statistics rendered from the Survey Population are representative of mature companies. Greenberg Traurig's latest survey was conducted between September and October 2022.
ALM expressly disclaims any express or implied warranty regarding the OnPractice Content, including any implied warranty that the OnPractice Content is accurate, has been corrected or is otherwise free from errors.
Accept
My
Account
