diff --git a/administrator/components/com_privacy/controllers/request.php b/administrator/components/com_privacy/controllers/request.php
index 60e01a3c177a0..3bd3ab64c0acd 100644
--- a/administrator/components/com_privacy/controllers/request.php
+++ b/administrator/components/com_privacy/controllers/request.php
@@ -287,7 +287,7 @@ public function invalidate($key = null, $urlVar = null)
 	public function remove()
 	{
 		// Check for request forgeries.
-		JSession::checkToken('get') or jexit(JText::_('JINVALID_TOKEN'));
+		JSession::checkToken('request') or jexit(JText::_('JINVALID_TOKEN'));
 
 		/** @var PrivacyModelRemove $model */
 		$model = $this->getModel('Remove');