This is the Data Protection Report’s fourth blog posts in a series of CCPA blog posts that will break down the major elements of the CCPA, which will culminate in a webinar on the CCPA in October. Stay tuned for additional blogs and information about our upcoming webinar on the CCPA.
Disclosures required after receipt of a verifiable consumer request
Businesses that sell or disclose personal information for business purposes must disclose certain information to consumers upon receipt of a “verifiable consumer request.” Specifically, upon receiving a “verifiable consumer request,” a business must disclose the following related to the preceding 12 months:
- the categories of personal information the business has collected about the consumer;
- the categories of sources from which that information about the consumer was collected;
- the business/ commercial purpose for collecting or selling the consumer’s personal information;
- the categories of third parties with whom the business shares personal information; and
- the specific pieces of personal information the business has collected about that consumer.
Look out for our next blog article which will address the CCPA’s consumer access and portability rights.
*** In case you missed it, the California State Legislature passed SB-1121 which amends the CCPA. The amendments are now awaiting signature from the California governor. We will provide more detailed coverage on these amendments in a future blog article.
Our other CCPA articles
Article 1: Summary of CCPA’s major provisions
Article 2: CCPA covered entities
Article 3: CCPA definition of personal information
Article 4: CCPA disclosure requirements
Article 5: CCPA “Right to Deletion”
Article 6: California Attorney General’s Office begins CCPA rulemaking process with first public hearing while Congress debates new federal privacy law
Article 7: Comments at CCPA public forum in Los Angeles highlight tensions between businesses and consumer rights groups
Article 8: GDPR, CCPA and beyond: Changes in data privacy laws and enforcement risks to monitor in 2019
Article 9: CCPA: “Attorney General Amendment” Likely Dead
Article 10: Nevada, New York and other states follow California’s CCPA
Article 11: “What’s cooking” in Sacramento: CCPA’s “employee exception” bill is amended; “publicly available information” exception is broadened, and consumer access rights are clarified
Article 12: Back At The Negotiating Table: CCPA Amendments Debate Continues
Article 13: One-Month Countdown to Pass CCPA Amendments Begins
Article 14: CCPA: “Wait and see” is not the right approach
Article 15: And then there were five: CCPA amendments pass legislature
Article 16: Mic Drop: California AG releases long-awaited CCPA Rulemaking
Article 17: California Governor Signs All 5 CCPA Amendments
Article 18: Here We Go Again: Another Ballot Initiative for CCPA in 2020
Article 19: Privacy Officers’ New Year’s Resolutions
Article 20: State of the Untion: CCPA and beyond in 2020