Back To The Future (Of Consent)
Some historical perspective on consent management can help steer teams building for robust privacy operations today. Here are 3 steps to enable more effective consent management in 2021.
Some historical perspective on consent management can help steer teams building for robust privacy operations today. Here are 3 steps to enable more effective consent management in 2021.
To meet users’ rising expectations for data privacy, teams must first understand the basic frameworks for consent management. Different regulations apply distinct approaches to user consent, and growing companies in 2021 need to understand both approaches.
Virginia’s CDPA and California’s CCPA look alike, both in their names and their overall terms. However, companies must understand where they differ in order to remain compliant and to prepare for other states’ laws.
Because modern privacy is still young, the world doesn’t yet have a shared understanding of every term in privacy compliance. To help bring us to that shared understanding, here’s our primer on what we mean when we say “automated data mapping.”
Privacy laws like Europe’s GDPR and California’s CCPA are on the increase around the world, but the field of privacy tech is relatively new. There are two big issues for buyers in this fast-growing market: defining their privacy requirements and evaluating those requirements against the products on offer.
If you’re reading this, chances are you’re familiar with the California Consumer Privacy Act (CCPA), the data privacy law that California enacted last year. You might not know whether the law should concern your business, and why. There are really three key questions for any business to answer regarding the CCPA:
We’ve prepped a short quiz that generates answers to these crucial questions and more. Give it a shot! Otherwise, skip down for more context on the CCPA and why it might matter for you…
Once you’ve figured out whether your business is impacted by the CCPA, the next logical question to ask is: “Why should we care?”
Although the likelihood of getting put out of business from a CCPA fine isn’t “red-alert high” in the short term, there are plenty of reasons to take the CCPA very, very seriously.
Here are four:
The possibility of fines under the CCPA are not the end-all-be-all of compliance, but they are substantial. The California government can prosecute non-compliant businesses with up to $7,500 per violation. In the event of a data breach, fines can reach $750 per affected individual. If just 1,400 individuals are affected, the total fine would exceed $1 million.
Those numbers are nothing to sniff at, but the truth is that the CCPA is just one of many privacy laws coming into effect all over the world. Indeed, next year in 2022, California will be welcoming a much stricter privacy law, the CPRA. Soon the cumulative financial risk to getting privacy wrong will be too big to ignore. Here’s a list of US states that have passed or drafted privacy legislation over the last 3 years.
This is not to mention a federal US privacy law, which observers believe is a real possibility under the Biden administration. Building nimble data privacy ops is an investment in future-proofing your business for compliance. Each law comes with its own nuances, and there is no one-size-fits-all. However, Ethyca’s automated data mapping empowers your company to clearly understand the data in its systems, including third-party applications. Such systems-level knowledge is crucial as privacy laws spring up all around the globe.
Without a dedicated CCPA compliance operation, advertising hubs like Google and Facebook automatically impose restrictive constraints on your company’s advertising abilities. When Facebook imposed these restrictions at the start of July 2020, Facebook advertisers saw an 84% drop in California conversions within the first week. According to the Network Advertising initiative, defaulting to these restrictions will likely inhibit advertisers’ ability to monetize their inventories in the long run. Google and Facebook ranked first and third in US web traffic in December 2020, and California has the highest total GDP and population of any state. With these metrics in mind, advertisers cannot overlook the value of investing in a nimble CCPA function.
With Ethyca CHOICE, building privacy into your company’s infrastructure provides the best of both worlds. Your company regains control of advertising performance while you empower your users to manage their consent to data-sharing.
Manual efforts to comply with the CCPA are costly, on multiple levels. The single act of inventorying all data in your business systems can take months, if not years. On top of the massive time your team would need to dedicate to this regulatory catch-up, there is the possibility of human error in the process. Even an unintentional CCPA violation can cost your business thousands.
Instead of needing a decentralized and prolonged manual procedure to process a single Data Subject Request, Ethyca simplifies the task. With each user’s data inventoried across all business systems, you can count on prompt turnaround of users’ requests, without mounds of paperwork or a complicated team project. In doing so, your users can count on your business as one that respects their data rights.
Complying with the CCPA shows consumers that you take data protection seriously and are worthy of their trust. Consumer trust is more vital than ever. Recent research found 89% of consumers express concerns about their data protection. And when it comes to purchasing habits, 75% prioritize brand trust over price when deciding between products.
Trust is hard to gain and dangerous to lose, with 43% of consumers citing loss of trust as a reason they stopped doing business with a company. Circling back to compliance, a CCPA violation costs more than the hefty fine – it damages a reputation. In 2021, no business can afford to ignore the CCPA. While the CCPA can be intimidating, you don’t have to go it alone. Let us show you how to bring CCPA compliance into your business.
On February 5, 2021, Ideo chose Ethyca for its privacy intelligence to support DSR processing and consent management on its website.
The California Privacy Rights Act of 2020 (CPRA) sets a new privacy standard well beyond California alone. Businesses located anywhere that collect Californian consumers’ information also must abide by the CPRA.
Austin is the newest member of Ethyca’s marketing team. We sat down to ask him a few questions about work, life, and words to live by.
Amidst the diverse demands of today’s privacy regulations, businesses can count on one tool to streamline compliance: an effective data map that provides a complete, accurate, and current view of the data that business holds