On July 1, 2020, the final grace period for the California Consumer Privacy Act (CCPA) ended and enforcement began. Companies can now be subject to lawsuits from individuals who believe a business violated CCPA.
Most companies now need to let U.S. consumers opt-out of third-party data transfers. Credit card companies have been doing this for a long time, but most other types of businesses have not. Companies should also be able to demonstrate compliance to regulators in the event of an investigation or complaint. While CCPA lists certain exemptions, all companies should comply with the rules to ensure they’re protected from lawsuits.
Things that can violate the law may be as innocuous as a cookie. Here at AWG, we believe that CCPA is only the first step towards more regulation at a national level. Many states have already enacted similar measures and numerous others are currently addressing comparable legislation.
Businesses should have a long-term strategy for handling and processing customer data beyond CCPA. It is important to consider solutions that address this issue beyond 2020 and across all markets. Giving users more control of their data is good for them, and that willingness to allow it is also a good look for the company.
Need some assistance in making sure your organization is CCPA compliant? Contact the experts at Active Web Group.
No part of this article should be interpreted as legal advice. Consult with a lawyer to learn what your business should do to avoid violating the CCPA.
