- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
What are data brokers required to do under California law?
In addition to complying with the general compliance obligations of the CCPA, data brokers are required to take the following actions:
- Registration. Data brokers are required to register with the California Attorney General.1
- Fees. Data brokers are required to pay a fee as part of the registration process.2
- Opt-out Mechanism. As data brokers, by definition, sell personal information, they are required to provide an opt-out mechanism by which consumers can instruct the broker to cease such sales.3
- Respond to Opt-Out Signals. As data brokers, by definition, sell personal information, they are required by the regulations implementing the CCPA to “treat user-enable global privacy controls, such as a browser plugin or privacy setting, device setting, or other mechanism, that communicates or signal[s] the consumer’s choice to opt-out of the sale” or personal information as an opt-out request.4