CCPA went into effect just over a year ago. Now we have some history on it.
DataGrail is a vendor that helps companies like OVERSTOCK and OKTA respond to those CCPA requests. They have fulfilled millions of “data subject requests” for their clients. Here is what they found.
46% of the requests were to tell companies that the consumer did not want their data sold to a third party (the so called DO NOT SELL MY DATA).
One third of the requests were to delete the consumer’s data.
The average business to consumer company received 137 requests per million identities. That is a tiny percentage – like .01 percent.
Side note: Gartner says that companies who manually process requests spend $1,406 per request.
Nearly half of the requests go unverified. Meaning that companies have to spend time and money – for nothing.
Organizations that use a form with a Captcha get significantly less spam.
DataGrail’s report says:
“The companies that are transparent and those that can win trust will be the big winners in the new privacy era,” noted Barber. “Proactively embracing good privacy practices doesn’t have to be a death sentence to profit margins. Forward-thinking companies have figured out how to make a strong privacy stance work for people and their business.”
Now that Virginia has its own version of CCPA and Florida and Texas are on the verge, this might be a good time to wrap your arms around privacy. Credit: Help Net Security
The report can be found at DataGrail