Businesses must comply with the new privacy regulations as of Jan. 1
Today’s economy is fueled by data. It’s the foundation of nearly every industry, and businesses have become accustomed to collecting information from and about their consumers for various reasons, albeit for product and service recommendations to understanding behavior in order to personalize experiences. Although privacy settings and notifications are not new, recent large-scale data breaches and shifts in public perception have prompted several states and organizations to take a stronger stance on consumer data privacy.
The California Consumer Privacy Act (CCPA) made headlines when it was passed in 2018 for being one of the most extensive consumer data privacy regulations. With California’s size and influence, the CCPA is expected to set a precedence for future privacy regulations, particularly at a federal level. The landmark act gives California residents increased control over the data businesses and organizations collect from them, including:
- The right to know what personal information is being collected about them and whether it’s being sold or shared
- The right to have their personal information deleted
- The right to opt-out of having information collected about them sold
- Protection from discrimination for those who exercise their rights under the law
Do I need to comply?
- Are you a business collecting and/or using personal consumer data (from more than 50K California residents) by purchasing, selling, or sharing it?
- Are you a business receiving more than 50% of its annual revenue from personal consumer data?
- Are you a business with gross revenues exceeding $25M from selling personal consumer data?
If you answered yes to any of these three questions, then CCPA applies to you and you will need to comply with the law.
When do I need to comply?
The law went into effect January 1, 2020; however, enforcement will follow six months after the California Attorney General issues final regulations, although no later than July 1, 2020.
Steps to take
All businesses that fall under the CCPA compliance requirements must have the appropriate privacy notifications in place before data is collected from a consumer. They must also have a response system in order to fulfill consumer requests to opt-out or who wish to know what data has been collected about them. By now, businesses should have obtained legal counsel on how to comply.
Kochava has partnered with Quantcast, Europe’s preferred consent management platform for web publishers, to provide standardized and scalable consent management across apps and websites.
Choice will adhere to the Interactive Advertising Bureau’s (IAB) California Consumer Privacy Act Compliance Framework for Publishers and Technology Companies, developed to guide industry compliance. The framework strikes a balance between protecting consumer privacy under the CCPA and allowing businesses to provide free, ad-supported content.
While regulations like GDPR and CCPA are extensive and at times confusing—they are not going away. By being prepared with Choice powered by Kochava and Quantcast, businesses will be in compliance. Meanwhile, Kochava will continue to monitor the regulatory landscape and offer the most comprehensive and customizable solutions to help marketers comply.