The issue of online privacy is one that we could hardly imagine a decade ago, and yet with so many advancements in technology, it’s surprising that we haven’t gotten it completely figured out yet. Between various social platforms, review sites, online memberships, and so much more, individuals have their information stored in far more places than they probably realize. For the most part, we’re able to trust entities around the world to safeguard our data, but various breaches over the years have shown that’s not always completely true.
It’s one thing to collect personal customer information on a website and use it for specific purposes. In a lot of cases, when people sign up for something they check a box, click a button, or complete some sort of verification to allow their data to be collected. Sometimes the information is even used to enhance their experience, but it rarely crosses our minds that our information is just free-floating in cyberspace. Bad news – it is. Thankfully for residents in California, a new law is aiming to change all of that.
The California Consumer Privacy Act of 2018
Legislation surrounding online privacy seems to always change, and for Californians who share their information with others, the future is bright when it comes to protection. The California Consumer Privacy Act of 2018 doesn’t actually go into effect until the first day of 2020, but it’s an important enough change to get people talking now. Called the CCPA, this law allows businesses the next year to evaluate just how they gather, use, and share customer information and gives them time to make changes so that they are in compliance come 2020.
Not every single business will fall under CCPA guidelines, as it mainly targets large corporations who sometimes aren’t as careful with customer data as they should be. Groups that meet one of the following qualifications will need to examine their own practices before the law goes into effect:
- Annual gross revenues meet or exceed $25 million
- At least half of all revenues come from selling customer information
- The business buys, receives, sells or shares for commercial purposes annually the personal information of at least 50,000 consumers, households, or devices
Now obviously your average mom and pop shop or even the restaurant chain you love won’t be subject to CCPA, but you’d be surprised at just how many companies will be held to these standards. Many have scoffed at how general the phrase “personal information” really is, but essentially any information that can be linked to a specific household or person falls within that category.
How Will It Work?
In a very general sense, The California Consumer Privacy Act of 2018 gives consumers more information about how their data is used. Many have drawn connections with some of the features of the European Union’s General Data Protection Regulation in that individuals are required to receive a notice from a business before submitting their information. This notice will entail which categories of data will be used and why.
Businesses will be prohibited against collecting further information unless they give yet another notice, so theoretically consumers should always have the right to opt-out of sharing at any time. More details about how information is used are also mandated to be disclosed, including how data is deleted should a customer make that request. Organizations that sell customer data are also legally bound to divulge who they are sharing your information with and what specific data points are being communicated.
Perhaps some of the most important elements to consider from a consumer standpoint is that the CCPA will allow any California resident to opt-out of having their personal data sold to another business. It’s surprising that this hasn’t been a standard practice until now, but at least it’s happening sooner rather than later. The information of minors is also something that’s more heavily safeguarded with this new law, and anyone below the age of 16 will have additional communication from various companies before their data is sold or shared.
Time Before The Crime
Some organizations might find that complying with the CCPA will require a major overhaul of their entire systems and structures while others could have a much easier go of it, but regardless of the difficulty in implementation, at least they have one year to do so. This time is termed as a “look-back” period and starts 12 months after the receipt of a request from a consumer. While some might consider this to be a grace period, it will also include an examination of conduct during 2019.
Businesses who violate The California Consumer Privacy Act of 2018 may receive up to $7,500 in penalties per instance, and the law allows consumers to bring these civil actions to an offending organization with relative ease. If an individual does successfully win a case against a business that has violated the CCPA, they could be awarded between $100 and $750 per incident. Experts are expecting that this legislation will be strongly enforced, so it’s in the best interests of all companies who meet the above criteria to get in compliance as soon as possible.
The Future Of Online Privacy
It’s one thing to bare your soul in a heartfelt online review and worry about the ramifications of your personal information, but it’s quite another to provide your data to a seemingly trustworthy company only to find out that your details have been misused. From spam emails to neverending spam phone calls, we’ve all been the victim of having our information sold countless times. At least for those living in California, the year 2020 marks a time where you can do something about it.
Having been bitten by the writing bug at the young age of 6, Courtney gets to live her dream every day by creating content for a wide range of clients. When she’s not typing away at the computer, she loves spending time with her two sons in the Pacific NW.