E25: Season 3 Episode 5: CCPA
Defining CCPA and Cal OPA
CCPA And The Basic Requirements
In general, this applies to large for-profit businesses; most small businesses and non-profit businesses do not have to comply. There are a few requirements: annual gross revenues of $25,000,000+ per year, collecting data from 50,000+ California residents from devices per year, or selling customers’ data where 50%+ of the revenue comes from the selling of the data. If your business meets any of these thresholds, you have to comply with the CCPA regulations.
How To Comply
Understanding that the customer owns their data is the most important part for businesses to focus on. This is a shift from previous regulations. Fully understanding the legislation will put you in a good place to move towards compliance. The customer owns the data and can request access to it, request to have it corrected, and can even request to have the information deleted entirely. Mapping the data you collect can keep you organized and help make sure you’re complying. If you use Google Analytics or ads of any kind, you are likely meeting one of the thresholds that require you to comply. You need to have a way to receive customers’ requests, as well as a way to disclose the policies to customers. You also need to have a way to return the customer’s information if they submit the request and there are no special exceptions, such as for legal purposes. Being well informed about all the information coming in and out can get you in a good place to be in compliance. If you’re confused about whether you’re in compliance, seek legal guidance. This can’t hurt, because the average fine is $7,500 per violation, so make sure you’re doing everything you need to comply.
Tom Dunlap: LinkedIn
Daniel Davis: LinkedIn