Privacy Isn’t Just for Europeans
Privacy online has been a talking point for a long time now and finally it seems that legislators have picked up on the topic in California by passing the California Consumer Privacy Act (CCPA). The CCPA will become law January 1st 2020. So, with four months to get ready, what do you need to know?
What Does CCPA Mean for Consumers?
Since GDPR was launched in 2018 businesses must be careful about the information they collect from their customers living in Europe. The European legislation gave consumers more power over what is done with the information they leave online. It changed how businesses collect and store customer data. The cost to not following the GDPR? Hefty fines.
CCPA hopes to do the same for California residents. According to Californians for Consumer Privacy’s official website, the organization behind the legislation, the purpose of the California Consumer Privacy Act is threefold:
- Ownership – You can opt out of sharing your information with companies.
- Control – You can control what information IS collected about you.
- Security – You can hold businesses responsible if they misuse your data.
To sift through the official legislation transcripts, California’s Department of Justice has background information leading up to Governor Brown’s signing the bill in 2018.
Are you Affected by CCPA?
Unlike GDPR, CCPA will not, immediately at least, affect all businesses. Initially CCPA is focused on businesses that fall into three main categories:
- If the business has annual gross revenues in excess of $50,000,000.
- If the business annually sells, alone or in combination, the personal information of 100,000 or more consumers or devices
- If the business derives 50 percent or more of its annual revenues from selling consumers’ personal information
As you can see, the initial scope of the law is fairly narrow and targets larger businesses. Whether this will expand over time remains to be seen. But for now, unless your business falls into one of the three categories listed above, CCPA does not currently affect you. However, maintaining consumer privacy is critical for all businesses.
What Do You Need to Do?
By now you should have already altered your privacy policy to reflect GDPR but to ensure compliance with CCPA you may need to add some additional information.
If you collect and process users’ personal information in any way, you need to make sure that your privacy policy includes the following points:
- Information on what kind of information you collect and process
- Some details on why you collect and process information
- How do you collect and process information
- How users can request to access, change, move, or delete any of their personal data
- How you plan to verify the identity of the person who submits a request
- If you’re selling customers data you need to disclose that and explain how they can opt out of the selling of their data
Please note: we’re not attorneys. So, this information may not all conclusive. As the law comes into effect you may see additional changes and interpretation to CCPA compliance.
What’s Next for Marketers?
First GDPR, and now CCPA. Does this mean that third-party data is on the way out? Businesses have been using third-party to help build detailed profiles of their customers since the dawn of digital marketing. So, as more privacy related legislation is enacted, will we see a change in marketing tactics? At the moment it is too early to tell, but brands need to ensure they are not relying too heavily on third-party data. Because it might not be as easy to collect for too much longer.
CCPA Compliance
Keeping your customers data safe should be a priority of every business. Trust is important. Once lost, it’s expensive and time-consuming to rebuild. Having a solid data protection strategy is the first step towards building trust. If you’re worried about that CCPA or GDPR could affect your business, feel free to reach out.
How Topic Clusters Work: From Successful Content to Website Structure