As of January 1, 2020, CCPA – the California Consumer Privacy Act – is here. Of course, CCPA compliance requires that companies that do business in California or with California residents, and meet other requirements, must meet certain data privacy requirements to protect new consumer rights. Namely, consumers have the right to see, delete, and download personal information stored about them, restrict the use of such information, and to seek remedies for data breaches.

The recent Microsoft data breach – which exposed 250 million records containing customer service and support logs and was reported on January 22 – couldn’t be timed better to serve as a warning for companies to pay attention to data privacy. Even well-funded companies with dedicated resources struggle to stop errors in data privacy protection.

CCPA Compliance Will Require Investment

The California Department of Justice (“DOJ”) is required to estimate the compliance cost of its proposed rules. The estimates include an initial investment of $55 billion, spread across 15,000 to 400,000 businesses, with as many a 50% being small businesses. In addition, a new ballot initiative, the California Privacy Rights and Enforcement Act (“CPREA”) looks to extend CCPA’s data privacy protections. Furthermore, it’s expected that a number of state legislatures will follow California’s lead and “clone-and-revise” CCPA for their own states.

The reality is that no company can afford to ignore new data privacy laws, and the safest approach is to evaluate the law and adjust your data privacy policy to meet CCPA compliance requirements. Forward-looking companies have already started this process and, most importantly, are anticipating the longer-term trend towards stronger data privacy laws. For example, identity-resolution provider LiveRamp has sold two businesses that provided location services for omnichannel marketing.

Data Privacy Can Be A Competitive Advantage

While the analysis of data privacy laws right now focuses on costs, companies that implement stringent data privacy protections may have a competitive advantage. According to Norman Guadagno, CMO of Acoustic, marketers “should be putting their own systems in place that are transparent and respectful of customer privacy”. Guadagno states that better data hygiene and higher-quality subscribers has driven up open and click-through rates for email marketing.

In addition, a CapGemini report from late last year found the that the European data privacy law GDPR has provided a competitive advantage. GDPR-compliant companies outperform peers in a range of metrics, from customer satisfaction to targeted marketing leads to revenue. According to the report, “92% of executives from compliant firms say their organization has gained a competitive advantage thanks to the GDPR.”

So, while data privacy laws increase concern for companies, those that have completed the work of GDPR compliance believe that the investment paid off. By extension, it’s reasonable to assume that CCPA compliance will give companies an edge as well. The CapGemini report also found that 70% of US companies believe they will be CCPA compliant when the law goes into effect, so it seems that once companies take the first step with more stringent data privacy protections, they are more prepared for future regulations.

Prepare Your Organization for New Data Privacy Regulations

Syntelli Solutions can help you meet new data privacy standards, avoid the costs of non-compliance, and outperform your peers. Contact us to find out how we can help.



SIMILAR POSTS

5G, IoT, and Data Privacy in 2020

As we begin 2020, the 5G rollout is well underway. Carriers are deploying 5G, or the fifth generation of mobile infrastructure, with significantly higher speeds and capabilities to enable the spread of IoT, which promises connectivity for billions of devices for...

read more

In an Era of the Data Breach, Data Security is Paramount

Earlier this year, a hacker broke into a Capital One server, gaining access to 100 million Capital One customer accounts and credit card applications. The personal information that the hacker obtained included information from credit card applications and accounts:...

read more