Don’t sell my data! We finally have a law for that

Geoffrey A. Fowler:

With apologies to the Beastie Boys: You gotta fight for your right to privacy.

America’s first broad data privacy law, the California Consumer Privacy Act, went into effect Jan. 1. These days, a wild range of companies gather and sell your data, from Ford and Chipotle to Uber and Walmart. Now the CCPA gives you the power to say cut it out.

And while the law technically covers only California residents, Americans living anywhere can use the CCPA to reset their relationships with more than a dozen major businesses (and counting).

Just know that some companies are going to make you jump through hoops. To help, I’m breaking the CCPA down into bites — and collecting below a growing list of links you can use to take action.

I’ve been learning how to use the law by filing requests to more than 100 companies. To be covered by the CCPA, companies have to make more than $25 million per year or collect data on more than 50,000 people. They’re not incentivized to make it easy: Amazon hid critical links in legal gobbledygook. Marketing data company LiveRamp asked me to submit a selfie holding my own ID, kidnap-victim style. Walmart asked for my astrological sign to confirm my identity. (Really.) And one business left me a voice mail, but the message included no return number … or even the name of the company. (Please call back!)