Home Data-Driven Thinking Marketers, Avoid These CCPA Blind Spots

Marketers, Avoid These CCPA Blind Spots

SHARE:

Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Shane Nolan, senior vice president of consumer and business services at IDA Ireland.

The golden age of gathering data through technology for marketing purposes was lucrative for many companies, but this era appears to be over now that powerful new consumer privacy regulations have been adopted.

First came the European Union’s General Data Protection Regulation (GDPR), followed by the California Consumer Privacy Act (CCPA), clearly demonstrating that a new approach to consumer data has become the trend worldwide.

Rather than a temporary trend, this seems to be a sea change that reorders the way companies do business, but based on various surveys, a notable percentage of companies – from 56% to as many as 88% – say they aren’t ready for CCPA, which became official on Jan. 1, though enforcement does not begin until July 1, 2020.

Whether due to confusion about the law, denial, lack of funding to comply or some other reason, many companies aren’t where they should be, and several blind spots have emerged that are preventing companies from taking the necessary steps needed to be on the right side of CCPA.

Blind spot No. 1: Companies think they have enough time because enforcement won’t begin until July 1, 2020.

While it’s true that enforcement won’t go into immediate effect, it’s wise for companies to grasp just how significant CCPA is in the scheme of things: California consumers will now have the power to see personal data gathered about them, know all third parties who’ve been given this data and have the right to be removed from databases, whether online or offline.

This is a massive change, and compliance will take time so there’s no benefit in waiting. We’ve worked with companies that have prepared for GDPR, and we’ve seen that while most companies think they have lots of time, having a few extra months to get organized can be beneficial.

Blind spot No. 2: Marketers think it makes more sense to see how CCPA will be enforced before taking action.

As with GDPR, CCPA enforcement may start small but it will inevitably grow so the smart approach is to avoid penalties by taking the time to reorder how consumer data is handled. Waiting too long makes it difficult to put systems in place and test them before regulations go into effect, so the best mantra is to build compliance into the development cycle rather than bolt it on at the end.

Fines can be steep for violating consumer privacy regulations. The CCPA may penalize companies $2,500 for each record of unintentional violation and $7,500 for each record of intentional violation. This is for each record but a company could have hundreds, thousands or even millions of data records.

Blind spot No. 3: Marketers who complied with GDPR don’t need to worry about CCPA because they’re similar.

While there’s the obvious difference of GDPR covering European customers and CCPA addressing those in California, there are some similarities between the two regulations and some departures. Being GDPR-ready means that a company has privacy-protecting processes in place, which is helpful for implementing CCPA. However, CCPA in some ways goes beyond the scope of GDPR, so it’s best for companies to seek advice on how to best prepare. CCPA focuses on for-profit businesses, which makes it a bigger deal for many marketers.

Blind spot No. 4: CCPA won’t apply to my company so I don’t need to worry about it.

The wisest strategy is to internalize company requirements for CCPA and appoint someone in house to manage compliance. It applies to companies with annual gross revenues of $25 million or more; those that buy or sell more than 50,000 individuals’ data; and companies that make more than half of their annual revenues from selling customer data. It’s surprising how many companies fit into this box. CCPA also applies to companies located outside the state that hold the data of California residents.

The concept of protecting customer privacy is on a roll that isn’t likely to diminish in 2020 – some think that other US states and countries may jump on this bandwagon. The best approach is similar to what companies have done to prepare for GDPR: Have a well-practiced system of identifying customer data, let customers know and follow their wishes.

Follow Shane Nolan (@nolansha) and AdExchanger (@adexchanger) on Twitter.

Must Read

Kickbacks Takes An Outsider’s View While Bringing Ads To AI Agents

Andrew McCalip is a founding engineer at Varda Space Industries, where he oversees the manufacturing of things like hypersonic reentry vehicles and satellite buses.

CTV Buyers Are Getting The Show-Level Performance Optimization They’ve Always Wanted

A collaboration between InterMedia Advertising, Peer39 and Pontiac Intelligence provided show-level cost-per-acquisition data for 94% of CTV ad impressions.

Advertisers Await Programmatic Pause Ads

The IAB Tech Lab is working on standardizing programmatic signals for new streaming TV ad formats, including pause ads. Meanwhile, many brands are eager to add pause ads to their repertoire.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Why Media Mergers And Spin-Offs Don’t Always Keep Their Promises

With media megamergers, acquisitions and spin-offs left and right, the media landscape is changing at a pace that is difficult to keep up with.

TransUnion is partnering with Blockgraph so that advertisers can use its identity data to target, reach and measure TV households across channels.

How This Disaster Relief Nonprofit Tapped First-Party Data To Reach Donors Year-Round

Staying top of mind for potential donors is an ongoing challenge for Direct Relief. Nexxen’s audience curation helped it spread and sustain awareness.

Why Major UK Publishers Are Finally Joining Forces To Curate Ad Inventory

Atria’s collective approach is a response to growing monetization challenges and the need to protect the value of human journalism in the AI era.