David Carroll 🦅 @profcarroll associate professor of media design @parsonsdesign @thenewschool teaching @mfadt and featured in #TheGreatHack on Netflix July 24 Feb. 08, 2019 1 min read

What would happen if companies and organizations that collect and infer data about you were required by law to securely send you your data dossier monthly?

The California Consumer Privacy Act, enforceable summer of 2020, introduces some notions of a Right of Access into the American privacy regime. Applicable companies should be working on how to comply with adequate access requests by California residents (& EU citizens under GDPR)

I think @CenDemTech made a really helpful comparison chart between CCPA, its own national data rights bill, and GDPR. Here’s the comparison on the Right of Access.

If I ran a company or organization I would try to get so far ahead of future litigation and just voluntarily send a secure link to my customers/users data dossier as a monthly email reminder to encourage healthy data rights hygiene.

I figured out that companies HQ’d in EU may honor Subject Access Requests from non-citizens like me. GameLoft, a French mobile game company, provided me with this data when I used a form buried in their privacy policy. Note that I disabled this game from getting my location info.

You can follow @profcarroll.


Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.

Enjoy Threader? Sign up.