After GDPR, CCPA is another acronym disrupting the data-driven business, across the globe.
What is this CCPA?
The California Consumer Privacy Act (CCPA) regulates the way companies that do business in the Golden state collect, use, and share personal data of consumers. The CCPA went into effect January 1st, 2020.
The goal of the act is to provide additional data privacy rights and consumer protections for residents of California. Practically speaking, the act gives California residents the right to opt-out of having their personal information sold to third parties, delete their data, and request disclosure of their personal information.
Furthermore, under the CCPA, California residents enjoy the right to equal service, price, and right to be notified. Penalty for non-compliance ranges from $7,500 per violation to $750 per consumer.
CCPA is likely to enrich the customer's journey throughout the marketing funnel and yield long-term results even after a hiccup start. Marketers need to create a proper strategy to avoid hefty penalties. So, it’s worth checking your marketing department is playing everything by the book.
Does this concern you?
If you’re doing business in the US, chances are it does. California makes up 12% of the national population and no less than 17% of its net worth.
Any company that:
- Does business in the state of California
- And has annual gross revenues in excess of $25 million;
- Possesses the personal information of 50,000 or more consumers, households, or devices;
- Or earns more than half of its annual revenue from selling personal consumer information
...will be impacted by CCPA. Does that sound like you? Keep reading to make sure your marketing efforts won’t be undermined by this new act, so you can keep reaching your audience with confidence.
Why is this important to marketers?
CCPA is changing the way you interact and engage with prospects and customers. Though the new law is ostensibly localized in California, the 5th largest global economy, any company doing business in California irrespective of their location, is subjected to follow CCPA mandates.
So how will it impact digital business? Will you have to use a new strategy or tweak the old one?
What data are we talking about?
Within the regulation, data is defined as any information that identifies, relates to, describes, can be associated with or links (directly or indirectly) to any particular consumer or household. Yes, that’s very broad, and slightly vague. So we’ll specify it for you.
CCPA categorizes personal data as follows:
- Identifiers (i.e. name, alias, postal address, unique personal identifier, online identifier IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers)
- Commercial information (i.e. records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)
- Biometric information (i.e. DNA or genetic information)
- Internet or other electronic network activity information (i.e. browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement)
- Geolocation data
- Audio, electronic, visual, thermal, olfactory, or similar information
- Professional or employment-related information
- Education information that it is not publicly available
- And inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, etc.
How marketers will feel the immediate effect of CCPA
CCPA leaves marketers with the only option of being compliant and not complacent because any deviation attracts heavy penalties, which adversely affect business operations.
The law has forced digital marketers to review privacy policies, update back-end systems, change third-party contracts, confirm subscribers, and audit their contact/email lists. Undoubtedly, these actions are both costly and time consuming, but in the long run, will ensure higher inbox placement.
How to get your data collection and usage policy in place
Great marketing relies on data, and a big dose of creativity. To help you focus on that last part, we’ll give you some key points to get started with regarding CCPA:
1. Audit your list
An audit of your contact list is mandatory. And, if you use a contact list provided by a digital marketing partner, ensure your brand has been given consensus in the consent clause for using their personal data.
2. Ensure data is secure
Implement multi-layered security measures to store customer data. If you're using the cloud, ensure data is encrypted and know what customer information is stored where and who can access it.
3.Cookies and your website
4. Review all your service-level agreements
This applies if you're using third-party software for your marketing. Make sure these partners are operating and maintaining the same high-level standard of compliance.
5. Give customers access and stay organized
Allow all your customers to have access to their data and give them the right to update or delete their communication preferences. For this, it’s important you keep your data organized so you can easily produce it upon request.
6. Educate your marketing department
The direct consequences for you and your partners
Chances are, you’re working with partners to create marketing strategies and execute campaigns. If you are, it’s important to know how the CCPA affects these partnerships and how you can make sure you and your partners are complying.
Whether you’re working with digital agencies, AdTech partners or affiliates, you need to ensure your partners are complying with the CCPA. If they’re not, both you and them will be liable for huge penalties.
As the CCPA is slowly changing the World Wide Web and customer engagement, marketing professionals are likely to feel the impact of the changing data security and data privacy laws. Both organizations and professionals will have to adhere to the new regulations and update their protocols to earn consumer trust. Though it’s relatively new, more states are likely to come up with their blueprint to provide adequate data security to consumers.