September 28, 2022

Volume XII, Number 271

Advertisement

September 28, 2022

Subscribe to Latest Legal News and Analysis

September 27, 2022

Subscribe to Latest Legal News and Analysis

September 26, 2022

Subscribe to Latest Legal News and Analysis

Do All the State Privacy Laws Recognize Authorized Agents?

Some modern data privacy statutes mandate that organizations allow third parties – who are authorized by a data subject – to submit access, deletion, correction, or other requests on behalf of a consumer. Such third parties are sometimes referred to as “authorized agents” – a term created by the regulations implementing the CCPA. The following chart compares whether authorized agents are recognized under each of the modern state privacy statutes:


FOOTNOTES

[1] Cal. Code Reg. § 999.326(a).

[2] Cal. Code Reg. § 999.326(a).

[3] Cal. Code Reg. § 999.326(a).

[4] Cal. Code Reg. § 999.326(a).

[5] Cal. Code Reg. § 999.326(a).

[6] Cal. Code Reg. § 999.326(a).

[7] Cal. Code Reg. § 999.315(f).

[8] Cal. Code Reg. § 999.315(f).

[9] C.R.S. § 6-1-1306(1)(a)(II) (2022).

[10] Conn. Sub. Bill No. 6, § 5 (applying authorized agents to opt-out requests referenced in § 4(a)(5)).

[11] The CPRA does not specify whether an authorized agent should be permitted to submit a do not share request.  As of the writing of this article, regulations implementing the CPRA had not been adopted.

[12] C.R.S. § 6-1-1306(1)(a)(II) (2022).

[13] Conn. Sub. Bill No. 6, § 5 (applying authorized agents to opt-out requests referenced in § 4(a)(5)).

[14] As of the writing of this article, regulations implementing the automated decision making sections of the CPRA had not been adopted.

[15] C.R.S. § 6-1-1306(1)(a)(II) (2022).

[16] Conn. Sub. Bill No. 6, § 5 (applying authorized agents to opt-out requests referenced in § 4(a)(5)).

[17] Cal. Code Reg. § 999.301(c).

[18] Cal. Civ. Code § 1798.140(ak) (West 2022).

[19] Cal. Code Reg. § 999.326(a).  The business is only required to allow the authorized agent to submit a request.  The business is permitted to directly confirm with the consumer that the consumer granted agency.  The statute and implementing regulations do not require that the business communicate with the authorized agent other than to intake the request.

[20] Cal. Code Reg. § 999.326(a).  The business is only required to allow the authorized agent to submit a request.  The business is permitted to directly confirm with the consumer that the consumer granted agency.  The statute and implementing regulations do not require that the business communicate with the authorized agent other than to intake the request.

[21] Statute does not address this issue.

[22]  Statute does not address this issue.

©2022 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume XII, Number 221
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

David A. Zetoony Privacy Attorney Greenberg Traurig
Shareholder

David Zetoony, Co-Chair of the firm's U.S. Data, Privacy and Cybersecurity Practice, focuses on helping businesses navigate data privacy and cyber security laws from a practical standpoint. David has helped hundreds of companies establish and maintain ongoing privacy and security programs, and he has defended corporate privacy and security practices in investigations initiated by the Federal Trade Commission, and other data privacy and security regulatory agencies around the world, as well as in class action litigation. 

David receives regular recognitions from clients and peers for...

303.685.7425
Advertisement
Advertisement
Advertisement