Mine, and similar services like PrivacyBee and PrivacyHawk are scams, and LTT should consider dropping them as a sponsor and here’s why:
Since the passing of certain recent laws (thinking CCPA, CPRA in California plus laws in Colorado, Virginia, Utah, Iowa and Connecticut, plus GDPR in the EU), consumers have been provided certain privacy rights. These include the rights to ask that their data be deleted, that they get a copy of their data, that their data be corrected, among others.
This is good. The dolphins would agree.
However, receiving, processing and responding to these requests was a new thing for many companies. While early on, many companies did use email, essentially no company of any size does anymore. Why? In addition to the rights, these new laws imposed significant records keeping requirements related to these requests. And for that, e-mail sucks. So dose using email for getting these requests to the right teams for processing.
As a result, more modern solutions have been implemented that allow for automated processing, workflow management, and better records keeping. No company of any meaningful size uses email. I’m the primary privacy attorney for a $25b US company, and we have not used email since late 2019. And we are NOT a tech company (we average about 250 requests a year).
However, these privacy companies are a scam. They KNOW no one uses email. But they charge their customers a LOT of money to do VERY little. Essentially, you provide them with access to your email account (!!!) and they blast every commercial domain they see with automated requests containing your email address. No information that is REQUIRED BY LAW to verify that the person making the request is actually who they say they are. WORSE, these companies are not the “agents” modern privacy law allows to submit requests on others’ behalf.
This means that if my team receives a request from, say, PrivacyBee, for Johnsmith@vroogle.com, my team will have no context for where in our business this person’s data may reside if it does, whether we HAVE to retain their data under some other law, what the user’s name is or if they are actually the ones submitting the request (again, a determination required BY LAW for each request) AND even if all that were provided, we are not permitted to process those requests because of how the law was written.
these companies use scare tactics to lure gullible people into spending a lot of money (PrivacyBee is $200/year, PrivacyHawk is $80) and all of these companies have corporate facing applications that they promise will help your team process requests from consumers using their products (and of course, not their competition). It’s extortion and is a clear conflict.
As a consumer it is worse. While you pay all that money, the majority of company interactions are not automated. Instead, you will get a bunch of emails from these companies directing you to resubmityour request using their online portals OR asking for additional information sufficient to process the request. You could have done that yourself!
So, please reconsider this sponsorship. It’s slimy and gross from multiple perspectives.