EPIC Encourages CalPrivacy to Enact Independent Testing and Inspection Requirements for Data Broker Audits
Summary
EPIC has submitted comments to CalPrivacy regarding data broker audit requirements for processing deletion requests under the California Delete Act. EPIC recommends establishing independent verification processes for auditors and implementing additional audit requirements for brokers utilizing AI systems, citing data brokers' demonstrated inability to self-report accurately.
IFF Assessment
This article advocates for stronger regulatory oversight and independent verification of data handling practices, which is beneficial for data privacy and security defenders.
Defender Context
This development highlights the increasing regulatory scrutiny on data brokers and the use of AI in data processing. Defenders should monitor evolving compliance requirements and be prepared to audit and secure AI systems used for handling sensitive data, especially in regulated environments like California.