Just a month after the European General Data Protection Regulation (GDPR) took effect, the California Consumer Privacy Act (CCPA) was signed into law in June 2018 to take effect from January 1, 2020, It requires companies doing business with California residents to put their data protection and user privacy policies into good shape.
For any company dealing with B2B Sales and Marketing, compliance may very well be the new standard. So, how does all this affect Sales and Marketing organizations?
Because of recent consumer data non-compliance issues, there are growing privacy concerns in the market to require stronger data protection and greater transparency. However, unlike GDPR, the CCPA makes little reference regarding email and doesn’t refer to permission at all.
Like the GDPR, CCPA provides certain rights to consumers, including the “Right to Know,” “Right to Access,” “Right to Opt-Out”, and “Right to Deletion.” Additionally, the CCPA greatly expands the definition of personal information. Applying these rights and this new definition in practice requires significant changes to be made in how companies operate.
If organizations have the slightest chance of interaction with a California resident, then they have to prepare well for CCPA compliance before the law takes effect. Any organization that is already meeting GDPR can meet the regulatory requirements of CCPA easily.
To avoid the last-minute hiccups and forced compliance, smart organizations go beyond the law and start building trust in customers and reinforcing their loyalty. They do it in such a way that compliance with these new privacy regulations becomes a competitive advantage that garners public goodwill.
GDPR and CCPA both are strategic essentials for organizations and marketers. So marketing heads and leaders of data units should see a new opportunity for gaining advantage and achieving goals instead of considering these regulations an extra burden that limits growth.
Sales and marketing teams should adopt a dynamic approach and active compliance solutions instead of manual privacy requests and static data maps that are error-prone and time-consuming.
Businesses that must comply with this Act
Every business that collects and sells consumer personal information or discloses personal information for a business purpose falls into the scope of this act. There are some additional criteria that a business must meet to come under this Act:
- Have minimum annual total revenue of $25 million
- Hold the personal information of more than 50,000 “people, consumers, households, or devices;” or
- Earn more than 50% of its annual revenue by selling consumers’ personal information
Penalties if a business fails to comply with the Act
Per CCPA, If a business organization is notified of non-compliance by the California State Attorney General or by other relevant regulators, a 30- day window is given to comply with the Act. Intentional non-compliance could lead to a maximum fine of $7500 per violation.
This act also gives powers and rights to consumers. If a California resident’s personal information is illegally accessed, stolen and sold, then the consumer can file a civil suit. The damages range between $100 and $750 per consumer per incident or actual damage or other relief that the court has decided.
Things to keep in mind while preparing for the CCPA
Determine if the Business qualifies for CCPA
Any good-sized organization with crucial customer-facing operations such as digital marketing sells and collects consumer data is eligible for CCPA. That company must have a plan for its business growth and must implement best practices to comply with CCPA.
Start preparation for CCPA
Businesses with GDPR have an advantage to comply with CCPA easily though GDPR and CCPA have many differences. Organizations should consult with the legal advisors or counsel and must prepare a CCPA checklist and strategy for implementation.
Keep monitoring CCPA progress and developments
There should be a transparent process of information collection, data storage, and processes related to management in an organization. Also, consumer data, landing pages, subscription forms, subscriptions, profiles, private policy statements, and other materials related to the consumer should be in the proper language. Managers should keep monitoring the overall CCPA progress and development in the organization.
Make sure that Required mechanisms and communication channels specified by CCPA are in place
Be extra careful for California residents. Define protocols, specific mechanisms and communication channels as per CCPA for collecting personal information of California residents. Companies that develop products (goods or services) must have an engineering team and a customer engagement platform that informs of CCPA compliance.
Adopt CCPA for competitive benefits
There should be total quality service to consumers by giving them data safety and owning responsibility for their information and communicates transparency to encourage consumer trust and loyalty.
RightWave assists its customers in complying with international regulations that impact B2B digital marketing. For more information, contact RightWave.
Martin Rues and Vijay Sihota. “The CCPA for Sales and Marketing Leaders: Everything You Need to Know (California Consumer Protection Act)“. Sales Hacker, Apr 18, 2019
“Business Guidance for the California Consumer Privacy Act“. Dataguise, Sep 4, 2018
“Complying with California’s Consumer Privacy Act of 2018“. Foley & Lardner, Aug 13, 2018
Chad S. White. “CCPA: What Marketers Need to Know About the California Consumer Privacy Act “. Litmus, Jul 3, 2018
“The CCPA for Sales and Marketing Leaders: Everything You Need to Know (California Consumer Protection Act)“. Business, Sales Hacker. Apr 19, 2019