The CCPA Just Went Into Effect: Here’s What Marketers Need to Know

The California Consumer Privacy Act (CCPA) has been put into effect by California Assembly member Ed Chau as a compromise between tech companies and advocates for data privacy. The law went into effect on January 1, 2020, granting new consumer rights relating to the access, deletion of, and sharing of users’ personal data that is collected by companies. Roughly a year following GDPR, the United States is long overdue for legislation outlining the protection of citizens’ personal information, and with the CCPA serving as the strictest data privacy law the United States has ever seen, we’re expecting massive changes in the way marketers use data in 2020 and beyond. 

What are users’ rights? (Retrieved from the CCPA website)

– Right to know all data collected on them, including what categories of data and why it is being acquired, before it is collected, and any changes to its collection

– Right to refuse the sale of their information

– Right to request deletion of their data

– Mandated right to opt-in before the sale of information of children under 16

– Right to know the categories of third parties with whom their data is shared, as well as those from whom their data was acquired

– Enforcement by the attorney general of the state of California

– Private right of action should breach occur, to ensure companies keep their information safe

Who is required to be CCPA Compliant?

– Companies with over $25 million in annual revenue

– Companies that collect the personal information of 50,000 people or more every year

– Companies that derive 50% or more annual revenue from selling consumers’ data

– Nonprofits are exempt 

What makes the CCPA groundbreaking is the type of data users are able to see for the first time, this includes smartphone locations, voice recordings, logs of online activities, physical locations, ride routes, facial data, ad-targeting data, and information on how they’ve used this data to make inferences upon intelligence, behavior, attitude, socioeconomic standing, and numerous other factors. Users’ data requests must receive a response within 45 days, and those wanting to prohibit the sale of their data are advised to prominently display a notice stating, “Do Not Sell My Data”. At the surface, these regulations appear straightforward, but there’s a lot to unpack here, particularly what it means to “sell” data. 

The nuances of the CCPA aren’t universally understood, and industry-wide, companies are taking a stand against what it means to “sell data”. The very companies that have most poignantly affected the way we look at data privacy (namely Google, Facebook & Amazon) have taken the stance that they do not sell personal data. Amazon’s privacy page discloses “We are not in the business of selling our customers’ personal information to others.” Yet just a few lines down they acknowledge, “Third-party advertising partners may collect information about you when you interact with their content, advertising, and services. […] We provide ad companies with information that allows them to serve you with more useful and relevant Amazon ads and to measure their effectiveness.” Similarly, Peloton makes the claim that they do not sell data “as we understand it,” then recoil at the statement by pointing out that California law hasn’t clarified what constitutes a “sale of data”. Indeed on the other hand has asked opt-out users to outright delete their accounts.

Clearly, there’s an industry-wide disconnect on how to approach the new law, and technology leaders with the greatest foothold on our data are challenging the CCPA with their own interpretations.

For every record of an unintentional violation, companies will be fined $2,500, and each intentional violation will be fined $7,500. According to eMarketer, only 27% of companies are expected to be CCPA compliant at some point in 2020. They also found that cost is the greatest roadblock in becoming compliant, with estimated initial costs potentially reaching $55B. In the short run, the CCPA will constrain smaller firms far worse than the well-prepared (and lawyered) conglomerates, but industry experts are expecting this imbalance to level with the emergence of third-party solution providers.

Cost of compliance aside, the root of marketers’ anxiety lies in the imminent loss of valuable data. Matt Voda, CEO of OptiMine Software, told Marketing Dive, “The consumers’ right to be forgotten and not have data be sold has downstream, negative impact around certain forms of marketing measurement.” He also adds that this could pose “significant problems” for multitouch attribution (as if MTA measurement tactics weren’t challenging enough). Others have called to question whether the CCPA may lead to privacy becoming the premium option, similar to how AT&T up-charged customers hundreds of dollars annually for opting-out of behavioral targeting. For now, the pervasive effects are unknown, although it’s safe to assume the CCPA will provoke widened awareness and public interest in data privacy as well as intensified pressure on government officials to homogenize these standards across the United States.

Leave a Reply

PUBLISHED BY Emily French

View all posts by Emily French

Related Posts

Technology

ZOOM into the New Reality…and What Really Matters

As originally published by David Sable on Linkedin. Make no mistake…this too shall pass (I, for one, have just graduated from social isolation to social distancing), and by the end of it, we will be stronger (hopefully), knowing that we got through it. We will be smarter (I pray), knowing that we can no longer […]

CISO’s Guide to ShieldX and Zero Trust Networking

With the onset of cloud computing, perimeters dissolved due to fragmented data centers. Suddenly, data and applications went from nicely confined rooms with a handful of doors and windows to virtualized environments with no perimeters. It was back to the Wild West, which meant security and compliance were quickly downgraded—and the increased interest in Zero […]

#MillenniumLive , Marketing , Retail

#MillenniumLive Talks DTC, Customer Loyalty & Attribution with Mark Friedman

Mark Friedman’s vanguard insights hail from his experience with a number of top retail companies, like Steve Madden and Brooks Brothers. He is now the President of Details Interactive and recently launched his own podcast, The Marketing Playbook Podcast. In this week’s episode, Mark shares his wisdom on a number of topics, including the shakeout […]

Digital , Marketing

How to Value a Company by Analyzing Its Customers

As originally published by our Marketing Thought Leader, Daniel McCarthy & Peter Fader on HBR.com. In the weeks leading up to the initial public offering of apparel retailer Revolve Group, in June 2019, investors struggled to come up with a fair valuation. Several recent IPOs—most notably those of the ride-hailing firms Uber and Lyft—had been […]

Lovin’ Digital Diary?

Premium content to our readers interested in all things business.

Check Us Out!

Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.

About Millenium Alliance Next

About Digital Diary

Created to provide premium content to our readers interested in all things business.

Launched in 2017, Digital Diary was created to provide premium content to our readers interested in all things business. With our blogs catered to deliver the top news stories, trends, and interviews from across all industries.

Read all story Next

Interested in Millennium Membership?
Find out if you qualify here.

arrow