If you’re a data broker, this is something you need to be aware of.
If you’re not a registered broker, you may be in some serious trouble.
The California Privacy Protection Agency (CalPrivacy) has taken action against the Datamasters marketing firm that sold the health and personal data of millions of users without being registered as a data broker.
As per the California Delete Act, businesses buying and selling information about consumers are required to register their data brokerage activity by January 31st following each year.
Starting in 2026, this allows consumers to access an online platform called Delete Request and Opt-out Platform (DROP), where they can submit a request to all registered data brokers to remove their personal information.
Here is a link to a service called Drop from the Privacy California folks.
In the case of Rickenbacher Data LLC, operating as Datamasters, CalPrivacy imposed a $45,000 fine for failure to register in time.
I’m sorry, Cal Privacy, but this won’t stop the unauthorization of data sharing with this low of a fine and companies you may not know who they are that may be doing this.
You may have slapped one company, but how many others out there have you not found? This is why services like Incogni and Just Delete Me exist.
Due to continued violations of significant severity, the Texas-based company has also been blocked from selling personal information belonging to Californians.
According to the agency’s final order, Datamasters bought and resold user information of millions of people suffering from various medical conditions (e.g., Alzheimer’s disease, drug addiction, bladder incontinence) for targeted advertising.
This is bad, but how did they get blocked from selling California’s info? I’m curious on how that was enforced. Any ideas, please let me know.
The article continues:
“In addition, Datamasters bought and resold lists of people based on age and perceived race, offering ‘Senior Lists’ and ‘Hispanic Lists,’ as well as lists based on political views, grocery store purchases, banking activity, and health-related purchases,” CalPrivacy says.
The collected data consisted of hundreds of millions of records that included names, email addresses, physical addresses, and phone numbers.
An aggravating factor was the company’s stance on the state’s regulation efforts, claiming it did not do business in California or manage data of Californians, and later admitting the opposite when confronted with evidence and alleging that it was manually screening the data.
Instead of breaking this down, why not read the entire article titled California bans data broker reselling health data of millions and let me know what you think.
You may leave your comments and if you want them aired, please let me know.
I can do a tech program or even air them on the next scheduled TSB we do.
Have a great day!
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.