Feldman Warns Calif. of Unintended Consequence of Privacy Law

CPSC Commissioner Peter Feldman February 24 wrote the California Attorney General to warn that the state's privacy regulations could undermine recall effectiveness. The issue is right-to-delete provisions and the effects on the availability of certain personally identifiable information (PII) for contacting consumers during recalls. The underlying law is the California Consumer Privacy Act (CCPA). Feldman wrote (bit.ly/2HQEMkC):

"Because CCPA’s 'Right to Delete' provision, and updated implementation and streamlining regulations, could result in the deletion of this critical consumer PII, it is my hope that you will consider language to preserve its availability to allow for the efficient transmission of recall notifications. The CCPA states that '[a] consumer shall have the right to request that a business delete any personal information about the consumer which the business has collected from the consumer.' While the CCPA contains a number of exemptions under which failure to fulfill a consumer's request to delete PII would be permissible, no exemption for consumer safety or recall efficiency currently exists. Regulatory language to this effect would be appropriate to further consumer safety."

In a concurrent press release about his letter, Feldman asserted that if the state "does not create a direct notice recall exemption to CCPA’s ‘Right to Delete’ provision, it will lead to serious injury or even death."

He voiced similar concerns to state officials about a year ago (PSL, 4/1/19) during work towards updating the rules under the CCPA. More recently, (PSL, 1/13/20), he wrote to leaders of the U.S. Senate Commerce Committee to explain his worries about right-to-delete laws.