California Attorney General Rob Bonta has announced a new enforcement sweep aimed at businesses operating in the state with mobile apps in the retail, travel, and food service industries that allegedly fail to comply with consumer opt-out requests. The sweep also includes those businesses that do not offer any mechanism for consumers who want to stop the sale of their personal data.
“In California, consumers have the right to stop the sale of their personal information, and my office is working tirelessly to make sure that businesses recognize and process consumers’ opt-out requests,” said Bonta.
“I urge the tech industry to innovate for good – including developing a global privacy control for mobile devices that allows consumers to stop apps from selling their data.”
Attorney General Rob Bonata on Twitter
Selling data
Bonta also highlighted the sensitivity of personal data and urged businesses to adopt new protective developments. “On this Data Privacy Day and every day, businesses must honor Californians’ right to opt out and delete personal information, including when those requests are made through an authorized agent,” he said.
“Today’s sweep also focuses on mobile app compliance with the CCPA, particularly given the wide array of sensitive information that these apps can access from our phones and other mobile devices. I urge the tech industry to innovate for good — including developing and adopting user-enabled global privacy controls for mobile operating systems that allow consumers to stop apps from selling their data.”
“We may not always realize it, but these brick-and-mortar stores are collecting our data – and they’re finding new ways to profit from it.”
Rob Bonta, Attorney General
Other businesses involved in the sweep are those who have failed to process consumer requests submitted via an authorized agent, including those submitted via Permission Slip – a mobile app which enables consumers to send requests to opt out of the sale of or delete their personal information.
In last year’s sweep, Bonta focused on businesses operating loyalty programs in California that were not compliance with the CCPA.
“In the digital age, it’s easy to forget that our data isn’t only collected when we go online. It’s collected when we enter our phone number for a discount at the supermarket; when we use rewards for a free coffee at our local coffee shop; and when we earn points to purchase items at our favorite clothing store,” he said then.
“We may not always realize it, but these brick and mortar stores are collecting our data – and they’re finding new ways to profit from it.”
The California Consumer Privacy Act (CCPA)
The CCPA is a landmark law that secures increased privacy rights for California consumers, and gives them the right to:
- know about the personal information a business collects about them and how it is used and shared;
- delete personal information collected from them (with some exceptions);
- opt-out of the sale or sharing of their personal information; and
- non-discrimination for exercising their CCPA rights.
- correct inaccurate personal information that a business has about them; and
- limit the use and disclosure of sensitive personal information collected about them.
Businesses that are subject to the CCPA have several responsibilities, including responding to consumer requests to exercise these rights and giving consumers certain notices explaining their privacy practices.
The CCPA became effective on January 1, 2020.
Source: oag.ca.gov