CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Noncompliance with CCPA by Data Brokers

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A study from the University of California, Irvine, reveals that half of data brokers in California are not complying with the California Consumer Privacy Act (CCPA). These brokers often fail to respond to consumer requests to access or delete personally identifiable information (PII) within the required 45-day timeframe. This noncompliance poses significant privacy risks, as the personal data in these databases can be compromised despite anonymization efforts. The study found that only 42% of data brokers responded to verifiable consumer requests (VCRs) made via phone or email, while 71% responded to form-based VCRs. The lack of compliance is attributed to the complexity of the regulations and the learning curve associated with implementing them. The study also highlights the paradoxical nature of verifying PII with data brokers, as consumers must provide PII to determine if a broker holds their data. However, the CCPA includes provisions to prevent the storage and use of this validating data after the query.

Timeline

  1. 27.08.2025 16:24 1 articles · 1mo ago

    Study Reveals Noncompliance with CCPA by Data Brokers

    A study from the University of California, Irvine, found that roughly half of the 543 registered data brokers in California are not complying with the CCPA. These brokers often fail to respond to consumer requests to access or delete PII within the required 45-day timeframe. The study also highlighted the paradoxical nature of verifying PII with data brokers and the need for standardized VCR forms and data presentation to improve governance and oversight.

    Show sources
    Open in new tab

Information Snippets