The California Privacy Protection Agency announced a new consumer complaint system is now in effect at its most recent board meeting 14 July.
The new form allows residents and nonresidents to lodge both sworn and unsworn complaints detailing possible violations of the California Consumer Privacy Act. There is also an FAQ page to assist individuals filling out their complaint.
During the meeting, CPPA Special Advisor Elizabeth Allen, CIPP/US, said the new system received 13 complaints after its soft-launch 6 July. Of the complaints so far, she said 77% were sworn, 54% were submitted by state residents, and the right to limit the use of sensitive personal information was the most-alleged violation of the CCPA, while the average user identified four potential CCPA violations in their complaints.
As a provision of the CCPA, California citizens do not need to currently reside in the state in order to file a complaint.
CPPA Board Chair Jennifer Urban said the launch of the new complaint system was well-integrated with the website's interface.
"I am looking forward to (finding) what we can learn from the complaints that come in," Urban said during the CPPA board meeting. "We will eventually have more information, and in line with what our general counsel advises, I personally would really value periodically getting a report with what's being observed from the complaint system. That would be valuable for the board, to understand what priorities may be valuable for the public and would be valuable for businesses."
The new CPPA complaint form states an individual's "complaint may be used to broadly monitor industry compliance or to inform an enforcement action," while disclosing any personal information provided could be used in an "administrative or judicial proceeding."
The form asks six required questions including the nature of the complaint, such as right to delete matters and the right to opt out of commercial data sharing. Other required questions include the names of entities the complainant alleges violated their privacy and if the individual reached out to the entity prior to lodging the complaint.
The seventh question asks the user if they are submitting the complaint either sworn or unsworn. Users lodging sworn complaints are required to provide their contact information and attest the facts they allege are truthful under the penalty of perjury. If the user makes a sworn complaint, the form populates required fields for the individual to enter contact information.
CPPA board member Vinhcent Le said the new form was a step in the right direction toward streamlining the host of services the agency provides for stakeholders.
"This is exactly what I would like to see from the agency, when it comes to other tools for the public and for businesses, whether (those are) submitting risk assessments or security (certifications)," said Le during the meeting. "Just to make compliance easier where we can."