California’s new privacy law, the California Consumer Privacy Act (CCPA is now in effect. It is similar to other laws passed in foreign nations, most notably Europe’s General Data Protection Regulation (GDPR), as well as laws in other American states like Alabama, Iowa, Colorado, and Oregon. Prior to these laws, companies could gather personal information and consumer purchase data without consumers’ consent or knowledge.
The big push for tighter online privacy regulation has been driven in large part by the rise of smartphones and voice assistants. These technologies can gather extensive private information in ways that aren’t at all obvious to consumers. In addition, the news media are constantly reporting high-profile data breaches at major retailers and tech firms. In this environment, legislators have come under increasing pressure to give consumers more privacy, security, and control over their data.
Laying Down the Laws
The various data privacy laws differ in many important details, but they all share certain common features. All include protections for transparency, accountability, and consumer consent, and provide enforcement provisions typically resulting in hefty fines.
While the details, again, vary from law to law, the bottom line is that consumers must be easily able to control their personal data.
Complying with CCPA
The spate of new laws has to some extent burdened companies who are used to leveraging personal data for targeted advertising. While many companies are already mobilizing to comply with the GDPR, and will be able to apply many of those measures and practical lessons to CCPA compliance, there are still a number of serious problems they must overcome.
For one thing, under CCPA, companies must make opt-out clearly available to consumers through a button or link on a website. The GDPR doesn’t require companies to gain customer consent to collect and use data, only to provide data to customers on request. In addition, the GDPR only applies to information that can be used to identify the customer, while the CCPA applies to information about the customer and his or her household. Businesses must keep track of this information in an organized way.
Both laws provide for data portability for consumers when technically possible, but differ heavily on the details. Under the CCPA, companies have about a month and a half to comply with a consumer request, whereas under the GDPR they have just the month. The CCPA allows consumers to demand data regardless of reason, while the GDPR specifies the criteria under which a consumer may make such a request.
Prepare for Any Digital Advancement
Overall, businesses will have to change their mindset and daily operations when it comes to data collection. The CCPA is only one of several data protection laws that already exist and others will soon come into effect. Keeping track of consumer information in a secure way and allowing for opt-outs in a simple manner are some of the main points to follow for those abiding by the CCPA.
Secure Data protects consumer privacy in every aspect of our operations. Our data recovery facilities are audited by a third party to ensure we meet industry standards. We go a step further to protect data even after it leaves our lab with our hardware encrypted and GDPR compliant SecureDrive products. No matter the advancements in data protection, Secure Data keeps up with the times to provide you with excellent service. Call 1-800-388-1266 to learn more about our secure practices.