In the digital world, there is little room for privacy. Several countries and just two U.S. states have since stepped forward with privacy laws they believe could provide the solution. These laws help restrain companies from mining data and selling people’s personal information. These laws also allow people to choose how companies collect and use their data, if at all.
Some people argue that even with laws, there is no such thing as privacy in the digital age. Still, the Cambridge Analytica scandal of 2018 compelled many people to rethink their complacency when it came to data privacy. The scandal highlighted how easily companies can not only access data but potentially use that data against consumers.
Ironically, the European Union’s data privacy laws took effect as the scandal worsened. Shortly afterward, California passed its own data protection laws. Laws related to data privacy are no trivial changes in marketing. Many marketing agents build their marketing strategies on the use of personal data. So, how did this all happen? What changes will you need to make to your marketing strategy to remain compliant? Is your business even affected?
The Development of Data Privacy Laws
In 1972, California voters amended the state’s Constitution to protect the overall safety of its citizens. It believed that the protection from unreasonable searches and seizures provided in the country’s Constitution was not enough. So, it went a step further to include that residents had the right to happiness, safety and privacy.
In more recent years, the European Union created more specific data protection laws. These took effect in May 2018. While many EU member states struggled to adopt the new regulation, the Golden State passed the California Consumer Privacy Act in June 2018. It bears a striking resemblance to the European Union’s privacy laws.
California did not apply the act immediately. Instead, it took time to polish it and only recently issued its proposed regulations on October 11. The state has also requested feedback from the public. Californians had until December 6 to submit written comments, which lasted for a 45-day period. Four public hearings also took place from December 2 to December 5.
At these hearings, several people aired concerns about receiving only a little more than 80 days to become compliant with the newly issued regulations. At the time of writing this article, it appeared that California intended to maintain its January 1, 2020, deadline for the law to take effect. New York is also working on enacting its own data protection laws. There are currently no overarching data privacy laws at the federal level.
The Businesses Affected by the CCPA
To understand how the CCPA will affect businesses, it is first important to determine which ones it will affect. The CCPA mainly concerns itself with regulating large companies that include buying and selling personal data as part of their business operations. It regulates businesses that meet one or more of the following requirements:
- Earns 50% or more of annual revenue from dealing in the buying and selling of the personal information of California consumers
- Buys, sells or shares personal data of 50,000 or more consumers in California for commercial purposes
- Earns more than $25 million annually in gross revenue
If your business doesn’t meet any of these requirements, then the CCPA may not apply to you. Still, you may need to double-check this. Most marketing campaigns rely on the use of personal data to generate sales. If your business falls under this category, then you may also need to comply with the CCPA. Finally, remember to check the ads that run on your website to ensure the algorithms comply with data privacy laws.
How the CCPA Will Affect Companies in 2020
Under the CCPA, affected companies need to acknowledge and respect the rights of customers. These rights include the following:
- The right to know what type of data companies collect
- The right to know why companies collect this data
- The right to have their information deleted
- The right to opt-out of data collection
California consumers also have the right to sue companies for failing to ensure reasonable protection of their data. Still, some experts predict that in spite of privacy laws, most customers will leave a significant portion of their data in the hands of companies. Modern-day consumers understand that without data, companies struggle to anticipate their needs. For instance, Amazon could not find you another product exactly like the one you’ve had in your wish list for a month, but at a fraction of the cost.
Lawmakers are still wrapping up the final details of the CCPA, so there is no guarantee on fine amounts. That said, the fines that are currently proposed range from $2,500 to $7,500 for every violation.
What Changes To Make to Marketing Strategies
After studying the data privacy laws, many business owners and marketers wonder what they’ll need to adjust. The laws affect any aspect of business related to data collection and the use of that data. That includes even how your website functions and the ads it displays.
One of the main difficulties business people worry about is compliance across all regions. Data protection laws differ across country lines. Even within the European Union, some countries enacted stricter versions than the bare minimum provided by the GDPR. Thus, the best approach is to comply with the strictest laws for all aspects of data privacy.
1. Conduct Regular Reviews
If you have never done an internal review of your data privacy settings, now is the time to do so. This can save your company from costly lawsuits in the long run. After this, continue to assess your compliance with data privacy laws at least once per year. If possible, aim for a quarterly review. Address not just the protocols you have in place but how well you’re actually following them.
2. Review Third-Party Contracts
As alluded to before, your partnerships can land you in trouble. Ensure that your website add-ons and the companies you hire remain compliant. Remember that not every company meets CCPA’s compliance requirements. Compliance is also costly. Because of this, some companies may cut corners at your expense. Get their compliance status for data privacy laws in writing.
3. Educate Customers and Employees
Not surprisingly, many companies have stepped up to challenge California’s efforts at privacy protection. Rumor has it that some of California’s biggest tech firms are trying to weaken the CCPA. While they don’t seek to undo the CCPA, some wish to carve out exceptions for themselves. Instead, educate your customers on their rights and ensure employees understand and comply with these. This is a much better approach to building trust than chipping away at consumer rights.
The Bottom Line
American states are anxiously observing California’s unprecedented rollout of data privacy laws in the country. In fact, several states have already taken steps to follow California’s move. Data privacy will also grow in importance across the globe. To ensure your marketing strategy remains compliant, choose wisely. It’s important to work with companies that have international experience.
SEO specialists that have served clients within the European Union may offer invaluable knowledge. Boostability is an award-winning SEO company, serving clients in a global market. Contact us with any questions about compliance for the CCPA and other privacy laws at 1-877-672-9676.