21 May 2022
Quick update just to day that I did get the
specific pieces of personal information
from that CCPA RtK that I mentioned before.
Lots of "OTHER ATTRIBUTES" like
Social: Influencer Propensity:14;
Purchase Propensity: Japanese Luxury Vehicle:10;
along with some sensitive ones. Added to the end of Example CCPA workflow.
It seems like we might have a loophole in the CCPA Regulations.
A business shall identify the categories
of personal information, categories of sources of personal
information, and categories of third parties to whom a business
sold or disclosed personal information, in a manner that provides
consumers a meaningful understanding of the categories listed.
but I don't see where it says the business has to disclose the
specific pieces of personal information in a way that
provides consumers with meaningful understanding.
So it looks like they can send me a bunch of integer and letter codes without a key. This is similar to the Verizon RtK response, by the way. Will probably have to write this up for the CPRA rulemaking. Disclosure of a score really needs to come with a key or units in order to be meaningful.
One piece of good news is that they have me down as 80-something years old, which might help keep me safe from the target selection algorithms for People's Liberation Army assassination drones, bodily fluid harvesting robots, and Texas abortion bounty hunters.