Skip to content

Instantly share code, notes, and snippets.

@natanlao

natanlao/ccpa.md

Last active Oct 25, 2020
Embed
What would you like to do?
CCPA wall of shame

Over the last few months, I've been cleaning up after myself and filing CCPA requests where I can. Here are some of the less-friendly companies that I've encountered in this process.

Sift

Signed me up for marketing emails using the email address I provided for my CCPA request.

Equifax

The worst one of them yet.

I filed a request. A few days later, they notified me that my request for data was fulfilled, then did not allow me to access that data (asking me to call a customer support line). The customer support representative was unable to access the data and filed a new request with a different account, and enrolled me for Equifax Core Credit without my consent.

About a week and a half after that, the request was finally fulfilled. And... the exact same problem. The portal did not allow me to access the requested data, and again asked me to call a customer support line.

The best part is, about half of the times that I had to call the CCPA customer support line, my call was directed to a representative who was not one of the staff that could handle CCPA requests. The representative offered to connect me to the relevant department, at which point the call would play hold music then disconnect.

They also started sending me "educational" emails that I could not opt out of.

QuestBridge

Opened a ticket on January 3. As of March 31st, they haven't responded...

Update, 2 April 2020: They responded, claiming that they are not bound by the CCPA (or GDPR) but indicated that they would delete my information anyway. They said they would contact me with confirmation, so I'm waiting on that.

Update, 24 Oct 2020: I asked for confirmation on 10 Oct. They still haven't responded. I'm still getting emails to my Questbridge email address four years after I used Questbridge...

Imprint.com

Filed several requests with them, both to their general customer service and to privacy@imprint.com, starting from at least 31 Dec 2019. All my tickets opened with general customer service were closed due to inactivity, and my attempts to reopen them were ignored. My emails to privacy@imprint.com have also thus far been ignored.

Riskified

I sent several requests between 12 Dec 2019 and today, 1 Oct 2020. My request still has not been fulfilled, and they've stopped responding to my emails altogether.

TransUnion

Asked for more time to process my request, never followed up at the end of their requested extension, and their CCPA portal now shows an error when I try to access it, referring me to their phone support (with, as they claim, extroardinary wait times) or their social media accounts. No email support available.

Bonobos

I've been trying to file a deletion request for at least a month now. More than that. (I'm writing this near the end of October 2020.) The request portal has told me multiple times that it can't identify me based on the provided data despite

  1. Asking me a bunch of "verification" questions such as what my birthstone is. (I had to look this up.)
  2. Taking my phone number, email address, and physical address that match what is recorded in my account.
  3. Recognizing that I am currently logged in to my Bonobos account by autofilling my email address.

Whatever I do, I get this form email:

Thank you for contacting Bonobos to exercise privacy rights in accordance with the California Consumer Privacy Act (CCPA). We have been unable to identify information related to you based on our identity matching process and the details you provided in your request form.

It links to a FAQ page that, unsurprisingly, provides absolutely no recourse for those unrecognized by their automated system.

The one silver lining is that they usually deny my request within the hour, which is cool, I guess.

@natanlao

This comment has been minimized.

Copy link
Owner Author

@natanlao natanlao commented Apr 4, 2020

Office Depot actually made their request form notably easy and accessible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.