CCPA Compliance and Your Marketing Team
by Sarah Harvey / November 26th, 2019
CCPA Implications for Marketing
It’s no secret that digital marketing is undergoing a major transformation – one that is centered on giving consumers more autonomy over the way their personal information is collected, used, stored, sold, and transmitted. Last year, we saw how the EU’s General Data Protection Regulation changed the international landscape of marketing, and 2020 will be the year the US really feels the brunt of the data privacy revolution, starting with the California Consumer Protection Act (CCPA). What are the implications of the latest data privacy law to go into effect? What does CCPA mean for marketing? How can marketers prepare? Let’s find out.
How Can Marketers Prepare for CCPA?
Do you market or sell your products to California residents? Even if your business is not physically located within the borders of California, you are still required to comply with the new data privacy law as CCPA applies to any for-profit organization that meets any of the following criteria: has an annual gross revenues of over $25,000,000; buys, sells, or shares the personal information of 50,000+ consumers per year; or, derives 50% or more of their annual revenues from selling consumers’ personal information. This means that, for most organizations across the United States, there is an immediate tension between CCPA and their marketing activities. Because today’s digital marketing landscape depends on the collection of personal information (i.e. names, emails, birthdays, phone numbers, Social Security Numbers, etc), marketers must make data privacy a priority. Here are some of the ways that marketers have gotten started on their CCPA compliance efforts.
- Education: It’s hard to not see CCPA topics throughout webinars, blogs, infographics, white papers, videos, and social media. The experts are providing educational content to marketers. There’s no excuse not to learn and prepare for CCPA compliance.
- Data Mapping: Data mapping is a critical area of data privacy. In order to ensure that the data you’ve collected is as secure as possible, you need to first know what data you’re collecting, why you’re collecting it, who interacts with the data, where it’s stored, and how it’s used, transmitted, and/or secured. Data mapping also gives you the opportunity to ensure your vendors, like email services, are also CCPA compliant.
- Collecting Consent: When it comes to CCPA and marketing consent, entities must provide four easily accessible notices. According to the California Attorney General’s newly released regulations, organizations must provide a Notice at Collection of Personal Information, Notice of Right to Opt-Out of Sale of Personal Information, Notice of Financial Incentive, and Privacy Policy to consumers. This helps ensure that consent is affirmatively and freely given, and that consumers have been informed of their rights to access and erasure under CCPA.
- List Cleaning: Data mapping and revising consent collection processes will help you create clean list; however, organizations must still work through cleaning the lists that they currently use. Organizations should evaluate how the data was collected, whether consent was freely given, and if the data is still being used and/or is necessary.
Benefits of Data Privacy and Compliance for Marketers
Although compliance may seem daunting right now, embracing data privacy regulations will prove to be fruitful for organizations in the long run. Why? Because when organizations demonstrate their compliance with data privacy laws, like CCPA, GPDR, or PIPEDA, they reap the following benefits:
- Building customer trust is a difficult task in this day and age; digital consumers are fearful of unwanted follow-up, sales pitches, cold calls, and spam. CCPA compliance is an opportunity to present your organization as a secure and trustworthy service or source, and even has the potential to rebuild the trust that many digital consumers have lost. This trust may actually result in greater sharing of personal data.
- Complying with CCPA pushes marketers to put the user experience first and demonstrate that you respect user preferences.
- CCPA compliance gives marketers the opportunity to improve their data security as they engage with prospects and consumers.
- Because email marketing strategies may need to be shifted for CCPA compliance, this gives marketers an opportunity to focus on areas that may not be so heavily impacted by GDPR, like social media, SEO strategies, and content creation.
- CCPA compliance may bring a competitive advantage for two reasons. First, meeting CCPA compliance demonstrates to prospects and consumers that your organization prioritizes data security and user privacy. Second, once you’ve taken steps towards CCPA compliance, you can reduce the likelihood that your organization or your clients will face regulatory investigations and fines.
As a data-centric industry, marketing departments and agencies alike will have to swiftly adopt data privacy best practices, or they’ll be left in the dust. If your organization is just starting out on your CCPA compliance efforts or has questions about how your marketing practices need to evolve in order to become CCPA-compliant, contact us today to speak to one of our data privacy experts.
Privacy audits can feel overwhelming.
Privacy laws and regulations are constantly changing, and the process feels overwhelming. This guide will help you feel more confident as you prepare for your next privacy audit.
More CCPA Resources
Privacy Policies Built for CCPA Compliance
California Consumer Privacy Act vs. GDPR: What Your Business Needs to Know
