New ask Hacker News story: Ask HN: What have been your California Consumer Privacy Act (CCPA) experiences?
Ask HN: What have been your California Consumer Privacy Act (CCPA) experiences?
2 by sillystuff | 0 comments on Hacker News.
I'm curious about others' experience with California Consumer Privacy Act (CCPA) compliance. And, if my understanding of the protections of the act are incorrect, and it does not, in fact, prevent continued retention and selling of personal data after a CCPA request has been lodged (i.e., it contains giant loopholes that negate any real protection by the act). At the end of February, I visited a government site that asked me security questions that I had not provided answers to. My account was locked because I answered the questions "wrong". The site's support responded, to a query, that they sourced the questions and answers from LexisNexis. I wanted to avoid such issues in the future, so using the LexisNexis CCPA request web form, I checked the boxes on all three of, request a) a copy of the data they had collected, b) they not sell my data, and c) they delete the data they already had collected. In early March, I got confirmation of my request and an extensive report of the data they had collected on me. The data was extremely unreliable containing many errors. It was no wonder I could not answer the security questions "correctly". In mid July, I had to use that government web site again, and was again prompted with security questions I had not provided answers for (this time, however, I was able to answer the questions "correctly" using the CCPA report as an answer key). I contacted the site again, and they confirmed that the questions and answers were exclusively sourced from LexisNexis, and that they did not cache / store any of this information-- that the website queries LexisNexis in real time at the time the questions are posed to the visitor. This seems to indicate that LexisNexis did not, in fact delete my data, and Lexis Nexis is continuing to sell my data. If you have placed CCPA requests, what have been your experiences? And, were my expectations that the CCPA would prevent LexisNexis from continuing to retain and sell my data not in line with what the CCPA actually provides?
2 by sillystuff | 0 comments on Hacker News.
I'm curious about others' experience with California Consumer Privacy Act (CCPA) compliance. And, if my understanding of the protections of the act are incorrect, and it does not, in fact, prevent continued retention and selling of personal data after a CCPA request has been lodged (i.e., it contains giant loopholes that negate any real protection by the act). At the end of February, I visited a government site that asked me security questions that I had not provided answers to. My account was locked because I answered the questions "wrong". The site's support responded, to a query, that they sourced the questions and answers from LexisNexis. I wanted to avoid such issues in the future, so using the LexisNexis CCPA request web form, I checked the boxes on all three of, request a) a copy of the data they had collected, b) they not sell my data, and c) they delete the data they already had collected. In early March, I got confirmation of my request and an extensive report of the data they had collected on me. The data was extremely unreliable containing many errors. It was no wonder I could not answer the security questions "correctly". In mid July, I had to use that government web site again, and was again prompted with security questions I had not provided answers for (this time, however, I was able to answer the questions "correctly" using the CCPA report as an answer key). I contacted the site again, and they confirmed that the questions and answers were exclusively sourced from LexisNexis, and that they did not cache / store any of this information-- that the website queries LexisNexis in real time at the time the questions are posed to the visitor. This seems to indicate that LexisNexis did not, in fact delete my data, and Lexis Nexis is continuing to sell my data. If you have placed CCPA requests, what have been your experiences? And, were my expectations that the CCPA would prevent LexisNexis from continuing to retain and sell my data not in line with what the CCPA actually provides?
Comments
Post a Comment