They might seem like simple amendments, but they also serve as strong reminders — especially for the unprepared.
The Sept. 13 deadline for final wording changes to the California Consumer Privacy Act of 2018 (CCPA) is just around the corner, and the progression of the latest amendments signal that the legislature is continuing to make progress with the bill. The most recent round of updates being considered includes employee exemptions, changes for loyalty programs and vehicle recalls, and other clarifications. There is also a “Data Broker Registration” amendment that will potentially require data brokers to register with the California Attorney General.
These amendments bring CCPA back to the forefront of consumer data conversations — most of which surround the topic of preparedness. Many businesses and organizations still find themselves struggling to fully understand the legislation. In fact, a recent study showed that just 14% of companies reported themselves as CCPA compliant, despite the seismic affect the law could have on them. And with potential fines up to $7,500 per violation — a number that should act as a sobering reminder to the other 86% not identifying as compliant — there’s reason for urgency in getting up to speed.
The evolving CCPA
The CCPA (similar in some ways to Europe’s GDPR) will officially take effect Jan. 1, 2020. It’s difficult at this point to gauge the impact that the new amendments could have on the CCPA, which is designed to enable consumers to request and receive the types of personal information businesses’ may have on them and to opt themselves out of a business’s database, but the law is looming. (Find more about the latest amendments and updates to the act here.)
And with the deadline fast approaching, organizations should be striving for compliance in order to maintain goodwill among consumers for their data management practices as well as avoiding hefty fines. Abiding by any privacy and security regulations, while remaining transparent when dealing with consumer data is crucial for brands’ and marketers’ reputations. Remaining thoughtful and adapting as the legislation evolves will keep any organization on the right side of the act — legally speaking and in terms of consumer relations.
But what can be done in preparation of the upcoming law?
From the moment CCPA was announced through the release of the most recent amendments, Infutor’s dedicated development team and security staff, as well as internal and outside counsel have taken every step possible to ensure that we’re compliant ahead of January 1, 2020.
The steps we’re taking include but aren’t limited to:
- Offering multiple mechanisms for California-consumer information requests and opt-out
- Monitoring guidelines surrounding the potential need to provide explicit notice to consumers regarding opt-out and disclosure options
- Researching and identifying the most secure, efficient, and automated consumer verification options
- Review of current Disclosure processes, and ensuring they are specifically adapted to meet all CCPA requirements
- Ensuring information is presented in a professional and user-friendly format
- Ensuring that the intent of the consumer opt-out is fully met and developed
- Researching the reporting requirements in order to comply as they are clarified
As the law continues to take shape, Infutor is closely following every development as the CCPA inches closer to going into effect. We highly recommend that any organization that counts itself among the 86% not currently in compliance act swiftly before the January 1, 2020 deadline. There isn’t a one size fits all solution for CCPA readiness but taking the steps to comply with the law in its current form as well as actively monitoring amendments will help ensure sound strategy.
Note: This article should not be construed as legal advice or as a specific recommendation guide for your company to use in preparing for compliance with the CCPA.
High Level Implications, Infutor’s Process for Compliance, Clients and Partner Considerations
See the steps Infutor is taking to ensure compliance ahead of the California Consumer Privacy Act of 2018