Privacy management company DataGrail analyzed how many CCPA data subject requests went across its platform in the first half of 2020 and found that organizations should expect to process hundreds of CCPA data subject requests (DSRs), with do-not-sell requests being the most popular requests from consumers.

Highlights from the report include:

• Do-not-sell (DNS) requests are the most common type of DSR by 2x
• One-third of every DSR will go unverified, confirming the need for a robust and scalable verification method
• 40 percent of access requests were NOT verified, validating concerns that fraudulent requests could be made to steal data
• In 2020, companies manually processing DSRs should expect to pay $240,000 per one million records to fulfill requests
• B2C companies should prepare to process approximately 170 total DSRs per one million consumer records each year

Download the report below to read the full findings.

Подробнее…

After nearly two years of waiting, the California Consumer Privacy Act (CCPA) has officially entered its enforcement phase. Undeterred by some businesses claiming that the COVID-19 crisis has affected their ability to bring their systems into compliance with the new law, the California Attorney General’s office issued its final guidelines in early June and stated that it expects those affected to be prepared for enforcement on schedule. In truth, the law has been in effect since January 1, 2020, but the six-month delay in enforcement was granted by the California AG’s office to give organizations the time they needed to shore up their compliance plans.

With the delay now over and businesses staring down the very real possibility of legal action, CISOs must grapple with the challenge of protecting not just their organization’s data, but customer data as well. To avoid the substantial fines and significant reputational damage that a CCPA violation would likely incur, it is critical for business leaders to understand the many ways…

Подробнее…