OTHER ATTRIBUTES
21 May 2022
(update 30 Sep 2022: add link to Colorado regulations.)
Quick update just to day that I did get the specific pieces of personal information
from that CCPA RtK that I mentioned before.
Lots of "OTHER ATTRIBUTES" like
Social: Influencer Propensity:14;and
Purchase Propensity: Japanese Luxury Vehicle:10;along with some sensitive ones. Added to the end of Example CCPA workflow.
It seems like we might have a loophole in the CCPA Regulations.
It says, A business shall identify the categories
of personal information, categories of sources of personal
information, and categories of third parties to whom a business
sold or disclosed personal information, in a manner that provides
consumers a meaningful understanding of the categories listed.
but I don't see where it says the business has to disclose the
actual specific pieces of personal information
in a way that
provides consumers with meaningful understanding.
So it looks like they can send me a bunch of integer and letter codes without a key. This is similar to the Verizon RtK response, by the way. Will probably have to write this up for the CPRA rulemaking. Disclosure of a score really needs to come with a key or units in order to be meaningful.
One piece of good news is that they have me down as 80-something years old, which might help keep me safe from the target selection algorithms for People's Liberation Army assassination drones, bodily fluid harvesting robots, and Texas abortion bounty hunters.
Updated to add some good news from Colorado. Colorado closed the loophole. The Colorado Privacy Act Rules state,
Personal Data provided in response to an access request must be provided in a form that would allow the average Consumer to make an informed decision of whether to exercise deletion, correction, or opt-out rights.
and
For instance, the Personal Data must be provided in a form that is concise, transparent and easily intelligible, and avoids incomprehensible or unexplained internal codes and identifiers.
Will companies maintain both incomprehensible and incomprehensible versions of their data dumping code? Or just make one version that's compatible with both California and Colorado? Or will California catch up with Colorado?
Bonus links
After Buffalo, Will Corporate America Turn Against the Murdochs and Fox News?
We Need to Take Back Our Privacy
How family farmers are working to get federal support for regenerative agriculture
Statistical personality quiz matches you to fictional characters
Online data could be used against people seeking abortions if Roe v. Wade falls
This unsettling Army recruitment video is a master class in psychological warfare
Facebook Can’t Shake Publicity Rights Claim–Hepp v. Facebook
