Open dmarti opened 4 years ago
One way to deal with this is to basically "white label" the Vanguard form and use it as the generic standard (not necessarily including notarizations for consumers who do not have a requirement for notarization from the companies they seek to exercise their CCPA rights with. But I must observe it's rather sad to see a forced paper process and worse to see the emergence of idiosyncratic processes on a company by company basis. There should be a kind of safe harbor public option any consumer can choose and every company is obligated to accept. Perhaps this is something the regulator can recognize in a future amendment, based on successful adoption of an AA service, over time.
I'm thinking there will be 2 forms:
permission letter for opt out only (which does not have to be "verified"
Power of Attorney (which will have to be strongly verified, probably notarized)
I agree that a paper process is suboptimal, but a costly, working process will be a way to bring companies to the table for a more automated process.
Possibly based on work from the W3C Verifiable Credentials Working Group?
They are requiring a notarized form which is a big deal for one company...but possible to incorporate required elements of this into the PoA workflow, to do once for multiple companies?
https://investor.vanguard.com/privacy-center/assets/California-consumer-rights-request-form-for-agents.pdf