Skip to main content

How CCPA Affects Businesses Outside Of California

Information Technology Blog - - How CCPA Affects Businesses Outside Of California - Information Technology Blog

Many countries around the world have data privacy laws that require businesses to protect personal information with utmost care. Not having an active privacy policy not only attracts costly legal battles and substantial fines imposed by the federal government, but it also widens the gap between brand promises and consumer trust.

If you’re operating a for-profit business in California or if you are collecting personal information relating to consumers that reside in this state, the California Consumer Privacy Act (CCPA) is one law that you can’t afford to ignore. If you haven’t heard about this new law just yet, there’s no better time to familiarize yourself with it than now. In this article, we’ve outlined important aspects of CCPA that you should know about, including what this law is and how it affects your business.

What is CCPA?

The California Consumer Privacy Act (CCPA) is a comprehensive data privacy law that outlines strict requirements for companies that collect personal private data. Touted as the strongest privacy legislation enacted in the United States so far, CCPA is akin to the EU’s General Data Protection Regulation (GDPR) due to its comprehensive approach to privacy protection.

While the CCPA went into effect on January 1, 2020, the office of the California attorney general will not take any legal action against businesses that will not have complied until July 1, 2020. This new law applies to for-profit businesses that handle personal information of California-based consumers, business-to-consumer contacts, or employees and that meet any of the following statutory thresholds:

  • Gross revenues of $25 per year
  • Collect, buy, receive, sell, or share personal information of at least 50,000 California-based consumers, devices, or households for commercial purposes,
  • Gain at least 50 percent of its annual gross revenues from selling consumer’s personal data.

While the applicable thresholds exclude many small and midsize companies, a business could meet the second threshold if it attracts at least 140 California-based consumers per day through its website. Furthermore, subsidiaries that share the same branding with their parent companies are also required to comply with the CCPA law even if they themselves do not meet the applicable thresholds.

How CCPA Affects Your Business

If you thought that the CCPA doesn’t apply to you because your business has no physical presence in California, think again. Although California-based companies are directly affected by this law, companies outside of California will also be affected if they meet any of the three statutory thresholds.

According to the International Association of Privacy, the CCPA could affect more than half a million businesses in the United States. With similar laws manifesting in many other states, all companies from all states will have to comply with some sort of data privacy law in the near future.

For companies affected by the CCPA law, the burden of complying is very real. Some of the obligations that your company must meet include:

  • You must publish a Privacy Policy that complies with CCPA regulations
  • You must update your Privacy Policy at least once per year
  • You must have a “Do Not Sell My Personal Information” page if your business sells personal data
  • Inform consumers about what happens to the personal information after they share it with you
  • Preserve a data inventory to outline your history of personal data processing
  • Ensure that consumers are conversant with their rights under the CCPA
  • Alert consumers before or at the time you’re collecting their personal data that you want permission to collect their data
  • Grant consumers the right to access the personal data that you have on them
  • Give details of how consumers can request for your business to erase their personal data

What Must Your Business Do Now?

A good starting point is to take stock of your data and determine what type of data your company is collecting, what you are doing with it, with whom you are sharing it, and where you store it. If you already have a data privacy policy in place, you may need to update it, even if it complies with the GDPR regulations. In other words, it is important to review your data privacy policies and practices to conform to the CCPA regulations.

After putting your house in order, you should take the time to identify all third parties and vendors that receive consumers’ personal data from your business. After you’ve identified them, be sure to add proper contract terms to deal with the CCPA, including terms relating to the use or disclosure of personal data obtained from your business. This is to make it clear that your business is not making your customers’ personal information available for sale to vendors.

Conclusion

Business owners and leaders can expect the CCPA to evolve in the coming months and years. With many states joining the privacy regulation bandwagon, businesses across the United States should seriously consider becoming compliant. Provided that regulatory change in the region will be constant, it makes more sense building a dynamic privacy policy that can easily adjust to changes as they occur.

The post How CCPA Affects Businesses Outside Of California appeared first on Information Technology Blog.



Udimi - Buy Solo Ads from Information Technology Blog https://ift.tt/2VsiYUi
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

9 VCs in Madrid and Barcelona discuss the COVID-19 era and look to the future

Spain’s startup ecosystem has two main hubs: Madrid and Barcelona. Most observers place Barcelona first and Madrid second, but the gap appears to close every year. Barcelona has benefitted from attracting expats in search of sun, beach and lifestyle who tend to produce more internationally minded startups. Madrid’s startups have predominantly been Spain or Latin America-focused, but have become increasingly international in nature. Although not part of this survey, we expect Valencia to join next year, as city authorities have been going all-out to attract entrepreneurs and investors. The overall Spanish ecosystem is generally less mature than those in the U.K., France, Sweden and Germany, but it has been improving at a fast clip. More recently, entrepreneurs in Spain have moved away from emulating success in pursuit of innovative technologies. Following the financial crisis, the Spanish government supported the creation of startups with the launch of FOND-ICO GLOBAL, a €1.5 billi...
Post a Comment
Read more

How to Stay Creative and Keep SEO in Mind

Information Technology Blog - - How to Stay Creative and Keep SEO in Mind - Information Technology Blog Search engine optimization (SEO) refers to customizing your website’s content to ensure that web browsers give your website a high SEO score. The sites with the highest SEO scores are featured on the search engine’s first page of search results for relevant searches.  71%  of the click-throughs happen with articles listed on the first page of results on the search engine. This means that if your website’s article is the second (or third, or fourth page), it’s less likely the search user will even see your article. You want your article to be ranking as close to the top of the first page of results as possible. In order to have a good SEO score your site’s content needs to feature keywords and relevant phrases. It must be optimized for easy navigation between pages. It also needs to be referenced via external links that drive traffic to your site. Incorporating all of t...
Post a Comment
Read more

Everything we know about HHS Protect, a secretive government project with Peter Thiel's Palantir that helps brief Trump's coronavirus task force

A secretive project at the US Department of Health and Human Services is working with technology companies to collect and analyze data related to the novel coronavirus .  Dubbed "HHS Protect," the effort tracks information from around the country about coronavirus case numbers, hospital capacity, and even supply chain issues.  HHS uses Palantir Technologies , a data firm cofounded by Peter Thiel, to distill that information for the White House coronavirus task force. Visit Business Insider's homepage for more stories . A secretive project at the US Department of Health and Human Services is working with technology companies to collect and analyze data related to the novel coronavirus.  Dubbed "HHS Protect," the effort includes roughly 2.5 billion pieces of data from healthcare providers, government officials, and labs around the country about coronavirus case numbers, hospital capacity, and even supply chain issues.  The goal is learn about the progress...
Post a Comment
Read more