Data security is one of the most crucial topics of discussion these days. Every business in the present age deals with data, at least to some extent. It is, therefore, utterly important to take measures to safeguard data from unauthorized access and exploitation in any form.
The California Consumer Privacy Act wants consumers to own their personal information. It gives them the authority to know what all information businesses are collecting about them and their family and bestows on them a choice to forbid the companies to do so. If the businesses collect personal information about a person, they have to apprise him or her of the information they have collected, once a year as well without charging for the same. Contrastingly, if they sell any information about someone, it is imperative to tell that person who they sold it to.
CCPA is going to regulate not just the use but also the collection of personal data in California. This is to curb the unbridled access to personal data. It was signed in June 2018 and is to be implemented in just a few months, on January 1, 2020. All the teams in your organizations should know about CCPA Security and not just the Data team. Customers can sue the companies in case of privacy breach. CCPA is similar to the Europe’s GDPR but not exactly alike.
Businesses that are GDPR compliant have an upper edge here because CCPA is to a great extent similar to GDPR and will only require the upgradation of some systems and policies. Businesses that fail to comply will have to pay hefty fines up to $7500 per violation. With the act, consumers will have the right to access data collected in last 12 months. This gives consumers the right to opt out of data collection or data selling. They have new rights to data erasure too.
CCPA is going to have a far-reaching impact on businesses’ data inventories, their processes and system of data mapping, collection as well as selling. If a consumer chooses to say NO to sharing data, businesses cannot respond in any negative way- they cannot deny services, charge more or degrade the quality of their services for that particular consumer. Guardian’s permission will be needed for kids aged 13 or below. It also states – “A business that owns, licenses, or maintains personal information about a California resident shall implement and maintain reasonable security procedures and practices appropriate to the nature of the information, to protect the personal information from unauthorized access, destruction, use, modification, or disclosure”.
CCPA is applicable to any business that is: a sole-proprietorship, partnership, limited-liability company, corporation, association, or other legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners, that collects consumers’ personal information, that does business in the State of California, and that satisfies one or more of the following thresholds:
(A) Has annual gross revenues in excess of $25,000,000
(B) Annually sells, alone or in combination, the personal information of 50,000 or more consumers or devices; or
(C) Derives 50 percent or more of its annual revenues from selling consumers’ personal information.
It is applicable to businesses that have customers in California, satisfying the above requirement even if they are not physically present in the state.
Consumers across the world are more data conscious than ever. CCPA will provide customers in California the much needed transparency as well as control when it is comes to their personal data. It is especially going to drastically affect the business models of the businesses operating online. Abiding by CCPA will require the businesses to go through multitude of changes and this will also need some expenditure from the companies’ end as data collected over past 12 months has to processed and tailored.
CCPA is going to bring a paradigm shift in the way businesses operate. Businesses will benefit as they will get more accurate and high quality relevant data due to strict compliance which will eventually result in smarter marketing maneuvers. CCPA is undoubtedly the Harbinger of how the consumer privacy is going to unfold itself in the coming days.