We aren’t lawyers. If you’re concerned about your company’s B2B marketing and the CCPA, speak to your company’s legal department or outside counsel. The post below is simply to provide information we’ve assembled from experts around the web.
In this post, we’re going to explain why the California Consumer Protection Act is something that may impact your business-to-business marketing efforts, while also providing a background on the California Consumer Protection Act, insight with regard to why it’s important, tips/reminders when it comes to preparing for Act compliance and more. To begin with, the California Consumer Protection Act is a bill designed to enhance privacy rights and consumer protection for residents of the Golden State, passed by the California State Legislature and signed into law by Governor Jerry Brown on June 28, 2018.
While amendments to the California Consumer Protection Act – in the form of Senate Bill 1121 – were passed on September 13, 2018, the Act actually goes into effect on January 1, 2020. We’re going to delve into the details about the Act in the following paragraphs, but what’s important to know out of the gate is that, similar to Europe’s General Data Protection Regulation (GDPR), the California Consumer Protection Act will primarily affect businesses that collect personal information from Californians.
You can view a GDPR/California Consumer Protection Act comparison here.
What’s more, the Act will apply to any business that earned $25 million in revenue per year, sells 50,000 consumer records per year or derives 50-percent of its annual revenue from selling the aforementioned personal information.
B2B Marketing and the CCPA: How Might the California Consumer Protection Act Affect B2B Marketers?
Put succinctly, marketers need to filter their databases and determine how much of an impact the California Consumer Protection Act will make on their brand; determining if and how many customers or leads they have in their database that are from California is a good place to start. Some marketers may segment this population to ensure compliance is maintained, but if the number is significant enough, they may just want to think about retooling all their data collection processes in order to comply with the Golden State’s standards.
This won’t necessarily be “easier” per se, but it will help B2B marketers ensure they avoid hefty fines. Indeed, for marketers, beginning to apply the concept of the California Consumer Protection Act to all their marketing efforts makes sense because it’s better to think ahead than to just barely comply with increasingly common rules.
Why is the California Consumer Protection Act Important?
Let’s be honest here: California is a massive state. It’s so huge, in fact, that if it was its own country – a notion not completely lost on many top legislators there – its nearly 40 million residents would render it the fifth-largest economy in the world, only behind the US itself, China, Japan and Germany. As they say, with great power comes great responsibility…so what happens in California, by default, affects the rest of the planet.
Here’s the primary reason why you need to care about B2B marketing and the CCPA: It’s the law, and the only way for a company to opt-out of it is to go out of business. For those companies intending to stay in business, however, the Act is just the beginning of what’s to come.
Let this sink in for a moment and then we’ll move on: The California Consumer Protection Act, when fully realized, will be the toughest data privacy law in the United States.
Now, as we mentioned earlier, what the attempts to achieve is a provision of enhanced privacy rights and consumer protection for residents of California, ultimately granting these residents significant rights around their data.
For your information, some of these new rights include:
- Disclosure of personal data collected, sold or disclosed for a business purpose regarding a consumer (this also includes informing consumers about the categories of personal data collected and the purposes for which their personal data will be used).
- Non-discrimination against a consumer who exercises his or her CCPA rights (a sentiment that runs the proverbial gamut from pricing and quality to service levels and beyond).
- Provision of access to data for the consumer.
- Deletion – upon request – of the consumer’s personal data (third-party entities sharing this information must also delete this data).
- Provision of an opt-out option for consumers so they may stop the sale of their personal data before it is shared (part of this encompasses easy-to-use links from a website).
If you are a B2B marketer at a business located in the Golden State or operate outside California but sell to customers residing there, each of those five aforementioned elements means you have some things to consider.
Tips and Reminders When Preparing for California Consumer Protection Act Compliance
Are you ready to meet these new California Consumer Protection Act compliance rules? Some of these new provisions may represent a hidden game-changer for marketers who aren’t ready to comply. Here, we’re going to briefly explore some tips to help you start moving in the right direction.
- Appoint a Team to Lead the Compliance Process – As we approach the 2020 deadline, designate a team of staff members to help direct compliance efforts, including those from your legal and IS divisions. These professionals – along with onsite records management representatives – will lead the charge in understanding legislative intent and how to re-program clients’ data inventory; this can even include cybersecurity professionals who can lend insight to the initiative for protecting un-redacted personal info.
- Program and Categorize Data Inventory – As a marketer, you need to boast the technical abilities to create and categorize your inventory of stored personal data. You will be asked to perform such tasks as verifying consumer identities and providing collected personal information upon individual clients’ requests, and these data inventories should also be at the ready to have this information deleted should the client ask you to. Categorizing your data will make it easier to flag those clients who fall under unique criteria; this could include categories for those who ask you to delete their information.
- Update Your Privacy Policies and Notices – The aforementioned appointed compliance team you put into place should also lead you through the steps of updating your written privacy policies. The California Consumer Protection Act now requires entities to let residents of the Golden State know what information is being planned for sale or collection before it is accumulated.
Closing Thoughts on B2B Marketing and the CCPA
Not all California businesses are subject to the California Consumer Protection Act provisions. This California data privacy act only applies to those entities bringing in 25 million in annual revenues, wherein 50-percent of those revenues derive from personal data sales. What’s more, companies/marketers that sell or buy information for more than 50,000 individuals or households must also comply with the Act.
We’re telling B2B marketing entities to regard regulations like the California Consumer Protection Act as the rule, not the exception. Even if you’ve already established more stringent data collection and consumer privacy measures as a result of GDPR and other recent regulations (i.e., CASL, CAN-SPAM), the California Consumer Privacy Act is something that every B2B marketer needs to understand and prepare for.
A good summary of what the Act is all about can be found here.