How does California’s CCPA Law affect your company?
By John Winter
This post was updated on 08/6/2020 to reflect the most recent CCPA and GDPR changes.
Tracking users’ online behavior and history is common practice in the digital marketing world. It still sounds a bit ‘Big Brother’ but as users, we’ve come to expect it and, when implemented responsibly, we agree on the benefits it provides.
In simple terms, it’s about gaining permission to collect user data and share that data across platforms to provide a better user experience.
On January 1, 2020, California enacted the California Consumer Privacy Act (CCPA). This is essentially California’s version of General Data Protection Regulation (GDPR) which was recently updated and is set to activate as of August 12th, 2020.
Many remember, back in 2018, a significant number of European websites placing notices on their homepages notifying visitors that the site collects and shares their data. That was one of the effects of GDPR.
So, what does all this mean to Digital Marketing Teams?
Do I need to drop everything?
No, while the law came into effect on January 1st 2020, however, it will not be enforced until July 2020.
Does it apply to every business?
No, the law applies to for-profit companies that do business in California that shares consumer data of more than 50,000 people, or produced revenue of more than $25 million in the previous year.
Do I need to alter our website(s) and app(s) for just California?
CCPA applies to anyone that collects data of California residents (even if they are out of state).
What do I need to do to be compliant with CCPA?
What’s the penalty for non-compliance with CCPA?
There’re of course fines and the real chance that they are significant fines. If a case is brought against your company and you continue to remain non-compliant after 30 days upon being notified, it’s expected that a fine of $7500 per violation will be administered.
While that sounds like a relatively small number, imagine you’ve 100,000 visitors to your website per month, $7500 X 100,000 would be a staggering amount.
We’re GDPA compliant, are we OK?
No, it’s not safe to make this assumption. It does, however mean that you’ve likely implemented some of the key features of GDPR, you’re on your way to meeting the requirements of CCPA, and the updates required to get your website compliant are more straight-forward.
Are my digital marketing efforts going to be impacted?
No, absolutely not, sure there’s going to be some users that will opt of our data collection, but it’s worth noting that over 95% of consumers in Europe have not opted out of data collection.
CCPA doesn’t restrict anyone from selling any data collected either; it just means that users legally have the right to opt out of the collection and selling of data.
What’s my next step?
We’re already executing minor web enhancements for our USA and Global customers to implement small changes to incorporate changes for CCPA. Contact us and we’ll happily review with your teams if your business falls under CCPA and provide an estimate to get your website updated and compliant.
An Early Preview – SDL Tridion Sites 9.5 New GUI
Pankaj Gaur got his hands on an early version of SDL Tridion Sites 9.5 and shares some of the highlights of the brand new interface.
This is Why AI is the Answer to Your E-Commerce Problems
Artificial Intelligence (AI) has started slowly embedding itself into all aspect of our life – be it self-checkout kiosks, virtual assistants on web portals, or smart homes – AI is all around us.
What You Missed at Sitecore Symposium
How can brands thrive in a world where everyone wants to feel like a preferred customer?