February 5, 2023

Volume XIII, Number 36

Error message

  • Warning: Undefined variable $settings in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).
  • Warning: Trying to access array offset on value of type null in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).
Advertisement

February 03, 2023

Subscribe to Latest Legal News and Analysis
Advertisement

How many businesses put up a “Do Not Sell My Personal Information” link even when they don’t have to?

The CCPA requires businesses that sell personal information to explain that consumers have a right to opt-out of the sale[1] and provide a clear and conspicuous link on their homepage titled “Do Not Sell My Personal Information” that takes the consumer to a mechanism that permits them to exercise their opt-out right.[2] If a business does not sell personal information and affirmatively states that it does not do so in its privacy notice, it is not required to provide a “notice of [the] right to opt-out” or post a “Do Not Sell My Personal Information” link.[3] Nonetheless, some companies voluntarily choose to include the link. While there may be different motivations to include such a link, a primary motivation might be to give the business the flexibility to begin selling personal information in the future – something the CCPA only permits if the business provided consumers the ability to select “Do Not Sell” at the time their information was collected. 

Approximately 8% of companies that state they don’t sell personal information have chosen to voluntarily provide a “Do Not Sell My Personal Information” option to consumers.[4]


FOOTNOTES

[1] Cal. Civ. Code § 1798.120(b) (West 2021).

[2] Cal. Civ. Code § 1798.135(a)(1) (West 2020).

[3] Cal. Code Regs. tit. 11, § 999.306(d)(1) (2021).

[4] Greenberg Traurig LLP reviewed the publicly available privacy notices and practices of 555 companies (the Survey Population). The Survey Population comprises companies that had been ranked within the Fortune 500 at some point in the past five years as well as additional companies selected from industries that are underrepresented in the Fortune 500. While the Survey Population does not fully match the current Fortune 500 as a result of industry consolidation and shifts in company capitalization, we believe that the aggregate statistics rendered from the Survey Population are representative of mature companies. Greenberg Traurig’s latest survey was conducted between September and October 2022.

©2023 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume XII, Number 340
Advertisement
Advertisement
Advertisement

About this Author

David A. Zetoony Privacy Attorney Greenberg Traurig
Shareholder

David Zetoony, Co-Chair of the firm's U.S. Data, Privacy and Cybersecurity Practice, focuses on helping businesses navigate data privacy and cyber security laws from a practical standpoint. David has helped hundreds of companies establish and maintain ongoing privacy and security programs, and he has defended corporate privacy and security practices in investigations initiated by the Federal Trade Commission, and other data privacy and security regulatory agencies around the world, as well as in class action litigation. 

David receives regular recognitions from clients and peers for...

303.685.7425
Advertisement
Advertisement
Advertisement