The California Consumer Privacy Act (CCPA) is almost month away. This is the equivalent of Europe’s General Data Protection Regulation(GDPR) dealing with consumer privacy.
What is it?
The law gives consumers broad new privacy rights and mandates how companies must manage, store and use customer data. Because of this large scope and the state’s important role in the US economy, this law is bound to impact marketing organizations across the entire US and beyond if they manage data on California residents.
So, what is going to change you ask?
This is similar to GDPR, the CCPA will require organizations to manage the personal data of 12% of Americans in a whole new way. Consumer data collection will become much more complex and data privacy will become a significant issue. Beginning in January 2020, new obligations are going to require organizations to:
- Disclose to consumers what data is being collected and with whom it is shared or sold,
- Stop selling data if the consumer requests it,
- Delete data if the consumer requests it,
- Obtain explicit data collection opt-in for minors under the age of 16,
- Obtain parental consent for minors under the age of 13,
- Provide an easy mechanism for consumers to exercise their rights, including a free phone number and a prominent mechanism on their website explicitly labeled “Do Not Sell My Personal Information.”
Under CCPA, if consumers choose to exercise any of these rights, companies may not charge a higher price or offer a lower level of service (within reason).
NOTE: Esri is currently working on ensuring alignment by enforcement 1/1/2020. If you have any questions regarding privacy with Esri products and services, please reach out to the Esri Software Security and Privacy @ Software_Security@esri.com
Additional information regarding CCPA.