phone 866-652-5003 Login
Mar 13th 2020

How CCPA Consumer Rights Could Impact Your Business

Marketers and experts agree that the CCPA represents a major shift for U.S privacy policy. The act may make it tougher for business to acquire and use consumer data. This is especially true for data brokers and digital marketers.

With new compliance rules comes the expectation that consumers will exercise their rights under the CCPA.

Here’s a brief summary of these rights:

The right to request disclosure of the categories and specifics of any personal information collected

An overview of how a consumer’s data is used and whether it’s being sold

The right to opt-out of the sale of this data to third parties

The right to request that a business delete any personal information

The right to not be discriminated against because of this request and the right to have this request honored

As a business, it’s important that you present your consumers with an easy, accessible way to exercise their rights under the CCPA.  

Keep it Simple

Keep the language and the choices on your website simple. Consumers are more likely to honor your compliance efforts if the functionality and options on your website are easy to understand and follow.

If you don’t comply with the CCPA, the CA attorney general has the independent authority to enforce the law. Consumers have a private right of action under the CCPA, which lawyers will likely enforce. Every business has 30 days to resolve the issue before any action or penalty can be assessed.

Even if individual consumers don’t pursue legal action, businesses can still be penalized by the California attorney general.

Bottom line: You need to be sure that your business is ready for CCPA and has a well-documented process for compliance.

Here are some of the potentially vulnerable areas your business should evaluate:

Personal Data is Unaccounted for

To prepare for CCPA, you should conduct an audit to understand where personal data is stored within all of your organization’s systems and data repositories. From there, you will want to establish effective data handling and management protocols, so you know how the data moves within your organization and who has access to it.

Consumer Data Requests Lack a Response Strategy

Storing personal data in multiple systems or repositories is the reality of most corporations.  With the CCPA, you must have an easy, straightforward mechanism for consumers to search, access, and secure personal information your business manages across multiple applications.  

This is critical for CCPA compliance. If a consumer makes a data request, you will be required to comply with it. If you don’t have a plan in place to handle these requests and provide consumer access to all data within all of your data silos, your company could be fined for lack of compliance.

Be Prepared for More Data Privacy Laws

Currently, more than 20 other U.S. states are considering privacy legislation, largely based on CCPA language.  The U.S. federal government is also ready to consider national legislation. Business leaders should start preparing now and accounting for how they collect and use consumer data. 

Related Articles:

How the CCPA Impacts the Auto Industry

Avoid These Common Pitfalls Associated with the CCPA

CCPA Penalties Are Still Going to Happen, Even if the Rules Aren't Final

CCPA Update: Attorney General Proposes Modified Draft Regulations