ARTICLE
Previous    Next

California Consumer Privacy Act Begins in January

By Mamie Patton | September 26, 2019
California Consumer Privacy Act of 2018

This January, the California Consumer Privacy Act will restrict how companies collect and use data. RLM has a solution to help you stay safely in compliance.

CONSUMERS ARE INCREASINGLY CONCERNED AND DISTRUSTFUL ABOUT THE COLLECTION AND MANAGEMENT OF THEIR PERSONAL DATA ON THE INTERNET.

After headlines about Target, Equifax, Capital One, Marriott, Yahoo, eBay, Heartland Payment Systems, and more, it’s no longer shocking when news of a major breach is released. California is the first state to regulate consumer protection, though it will not be the last, as other states are using this act to inform their own privacy legislation. North Carolina is working on such a bill now.

WHAT THE ACT DOES FOR CONSUMERS

The Act provides California residents the right to know what data is being collected and how it is being used; the right to say no to the sale of personal data; and the right to request deletion of any personal information collected from them.

According to Forbes, the rights can be into five general categories:

  1. “Businesses must inform consumers of their intent to collect personal information.
  2. Consumers have the right to know what personal information a company has collected, where the data came from, how it will be used, and with whom it’s shared.
  3. Consumers have the right to prevent businesses from selling their personal information to third parties.
  4. Consumers can request businesses to remove the personal information that the business has on them.
  5. Businesses are prohibited from charging consumers different prices or refusing service, even if the consumer exercised their privacy rights.”

WHAT BUSINESSES MUST DO

The Act requires companies to make certain disclosures at the time the personal data is collected, including:

  • The existence and nature of consumers’ rights under the Act.
  • The categories of personal information collected.
  • The purposes for which that information is collected.
  • The categories of personal information that were sold or disclosed in the preceding 12 months. Companies will need to update their privacy policies every 12 months to comply with the act.

WHO MUST COMPLY

Your company does not have to be based in California to be affected by this regulation. Compliance applies to any business that collects consumers’ personal data, does business in California, and satisfies at least one of the following thresholds:

  • Has annual gross revenues in excess of $25 million.
  • Receives or controls the personal information of 50,000 or more California consumers, households, or devices annually.
  • Earns 50% or above of its annual revenue from selling consumers’ personal information.

ENFORCEMENT

According to the American Bar Association, the Act is enforceable by the California Attorney General who will be authorized to pursue civil penalties of up to $7,500 per violation. Additionally, consumers can seek litigation either individually or as a class, though there are some hoops they must jump through.

The Act Takes Effect January 1, 2020, with an enforcement date of July 1, 2020. There are predictions that there will likely be some amendments or modifications to the Act before then, but the ABA and other authorities are advising businesses to act now to get plans and processes in place to meet the deadlines.

RED LETTER MARKETING HAS PARTNERED WITH COOKIEPRO BY ONETRUST TO OFFER A COOKIE CONSENT AND WEB SCANNING SOLUTION.

CookiePro is an industry-leading, privacy management software platform that scales to support billions of consent transactions, and regularly updates to meet new requirements.

The service includes all the elements needed to cover both the California Privacy Act of 2018 and the GDPR (General Data Protection Regulation) requirements. Plus, ongoing updates ensure that as new state regulations are passed, CookiePro will update the software to include them. The service includes:

  • Cookie Banner
    Generates a cookie banner to inform visitors that cookies are being used on your website.
  • Prior Consent DNT and DNS
    Blocks cookies to respect a visitor’s prior consent, Do Not Track and Do Not Sell.
  • Cookie Preference
    Provides granular cookie preferences, including the ability to update or withdraw consent.
  • Records of Consent
    Maintains granular records of consent transactions to demonstrate compliance over time.
  • Cookie Notice
    Embeds a dynamic list of cookies, categories, and descriptions in your Cookie Notice.
  • Audit Trail
    Access to your complete history of previously published versions, saved in a script archive.
  • Ongoing Management
    Red Letter Marketing will review cookie settings, run CookiePro web scans and check if cookies included in the terms and conditions by CookiePro are up to date monthly.

The CookiePro by OneTrust partnership adds to RLM’s suite of website services, including RLM OverSite™ and OverSite™ Plus, Sucuri WAF (Web Application Firewall), and hosting.

THIS TURNKEY SOLUTION MEANS YOU CAN CONCENTRATE ON RUNNING YOUR BUSINESS AND LET THE EXPERTS IN PRIVACY MANAGEMENT TAKE CARE OF COMPLIANCE.

Now is the time to get your business ready – January, 2020 is only 3 months away.

Let's Talk