Every now and then I get what feels like a bad-faith form letter from someone who I’ve never heard of before, has probably never even come to this website, and is probably a privacy lawyer out to make a quick buck.
UPDATE: The mystery has been solved.
Here’s the most recent one:
To Whom It May Concern:
My name is [REDACTED], and I am a resident of Norfolk, Virginia. I have a few questions about your process for responding to California Consumer Privacy Act (CCPA) data access requests:
Would you process a CCPA data access request from me even though I am not a resident of California?
Do you process CCPA data access requests via email, a website, or telephone? If via a website, what is the URL I should go to?
What personal information do I have to submit for you to verify and process a CCPA data access request?
What information do you provide in response to a CCPA data access request?
To be clear, I am not submitting a data access request at this time. My questions are about your process for when I do submit a request.
Thank you in advance for your answers to these questions. If there is a better contact for processing CCPA requests regarding beesbuzz.biz, I kindly ask that you forward my request to them.
I look forward to your reply without undue delay and at most within 45 days of this email, as required by Section 1798.130 of the California Civil Code.
Maybe I should just not respond and see if they try to sue me for data that I don’t have and have no reason to keep, though.
Incidentally the letter is always exactly the same except for the name and the cited law; they’re always from Roanoke, Virginia, and the wording is otherwise identical each time. They also always come from the same email domain.
So I mean it’s probably a bot, but… to what end? Other folks have been receiving these as well, and the prevailing theory is that it’s people trying to sell GDPR/CCPA compliance packages, but my responses have gone unanswered. So strange.