Inconsistent CCPA Compliance by California Data Brokers

First reported

27.08.2025 16:24

Last updated

📰 1 unique sources, 1 articles

Summary

Hide ▲

A study from the University of California, Irvine, reveals that many data brokers in California are not fully complying with the California Consumer Privacy Act (CCPA). Roughly half of the 543 registered data brokers failed to respond within the required 45-day time frame to consumer requests to access or delete personally identifiable information (PII). This noncompliance raises concerns about data privacy and the effectiveness of the CCPA in protecting consumer data. The study highlights that the lack of compliance is not uniform, with larger companies finding it easier to adhere to the regulations. Additionally, the process of verifying consumer requests often requires consumers to provide PII, which can further complicate privacy concerns.

Timeline

27.08.2025 16:24 📰 1 articles · ⏱ 20d ago

Study finds inconsistent CCPA compliance among California data brokers
A study from the University of California, Irvine, published in 2025, reveals that many data brokers in California are not fully complying with the CCPA. Approximately half of the 543 registered data brokers did not respond within the required 45-day time frame to consumer requests to access or delete PII. The study also notes that the process of verifying consumer requests often requires consumers to provide PII, which can further complicate privacy concerns.
Show sources

Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
Open in new tab

Information Snippets

The California Consumer Privacy Act (CCPA) was enacted in 2020 to establish data protection regulations.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
A study from the University of California, Irvine, found that 543 registered data brokers (DBRs) had inconsistent compliance with CCPA regulations.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
Approximately half of the data brokers did not respond within the 45-day time frame required by the CCPA.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
Response rates varied based on the method of verifiable consumer requests (VCRs), with form-based VCRs having a 71% response rate and phone/email VCRs a 42% response rate.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
The study notes that even anonymized data can be compromised if a sufficiently large and detailed sample is obtained.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
The CCPA requires data brokers to delete PII provided for verification purposes after processing the request.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24
There is no standardized method for data brokers to disseminate information, which can lead to the release of more data than requested.
First reported: 27.08.2025 16:24

📰 1 source, 1 article
Show sources
- Gaps in California Privacy Law: Half of Data Brokers Ignore Requests — www.darkreading.com — 27.08.2025 16:24

Summary

Timeline

Study finds inconsistent CCPA compliance among California data brokers

Information Snippets