While it may sound counter-intuitive, the push for data privacy is actually placing more attention on data sharing. Here on The APEX of Innovation, we’ve covered personal data marketplaces, while also featuring examples of how friends and foes in the business world are opening up their data vaults to each other. But now, data privacy and data sharing are taking yet another turn as consumers continue to take back control of their personal information.
In case you missed it, California is on the verge of making a cataclysmic shift in data privacy that has major implications on data sharing for companies doing business in the state. Starting next year, California residents will have the right to ask businesses to provide them with any personal data that the company may have on them. The law, called the California Consumer Privacy Act (CCPA), is designed to force tech companies, consumer services companies, online retailers, as well as data marketplace providers and brokers, and many others, to be more transparent in how they use people’s data.
With some still grappling with the effects of Europe’s General Data Protection Act (GDPR), are companies ready for yet another regulatory hurdle to clear? Maybe not, but that won’t stop the new regulations coming from all over of the world.
According to a recent Wall Street Journal article, the forthcoming California regulation is forcing businesses to “scramble to comply” with new requirements. To be clear, the article states that the law “applies to any for-profit business that does business in California and collects data on California residents, as long as its annual revenue tops $25 million, or it holds personal information on at least 50,000 consumers, or it generates at least 50% of its annual revenue from selling user data.”
To put it another way, the CCPA will impact around a half-million U.S. companies, according to the International Association of Privacy Professionals. For these companies, a customer request for data will need to be fulfilled within 45 days, or they risk fines of up to $7,500 U.S. dollars per person.
So, what can you do?
A recent Forbes article offered up some useful tips and areas of focus that can help your company be better prepared for the upcoming CCPA, as well as the tsunami of additional regulations coming. Take a look:
- Current Capabilities: Understand your capacity to identify all data sources and properly classify all of it, including where it’s located and who has access to it.
- Governance: Preparing for new regulations to go into effect provides a perfect time to revisit your data compliance and corporate governance practices, especially around data collection and use.
- Data Monetization: Complying with new laws like the CCPA can impact current or future data monetization activities—know the implications before regulations go into effect.
- Privacy Controls: Evaluate current data privacy controls and practices, and adjust or expand as needed to comply with new regulations.
- Be Proactive: Establish a team to handle new laws like the CCPA to ensure accountability and proper implementation.
- Monitor Procedures: Implement an ongoing process of evaluation to ensure your company stays compliant over the long term.
Now’s the time to ensure you’re ready for the CCPA, and the next regulation that’s likely just around the corner.