Are you ready for CCPA? Tips for complying with California’s new data privacy law

January 17, 2020 Chuck Leddy

By Chuck Leddy

In an era of emerging data privacy regulations, as embodied by GDPR (with its focus on permission) and the new California Consumer Privacy Act/CCPA (with its focus on transparency and disclosure), consumers have more rights and enhanced choices. They will reward B2B companies that show thoughtfulness and transparency about the collection and use of customer data. As CCPA takes effect on January 1, 2020, brands that embrace its new data privacy protocol and its underlying principles will prove that they’re providing a customer experience that’s consistent with what consumers want. Such actions build trust and ongoing customer permission, paving the way for better marketing too.

The general direction of these new data privacy regulations is to give consumers more control over how companies collect, store, and use the data they provide. In general, the emerging regulations are moving away from putting the burden on consumers to opt-out/unsubscribe and instead placing burdens on companies to provide more transparency and/or gain explicit consent from consumers for data collection and use.

Let’s explore the specifics of CCPA and how they may impact your B2B marketing, with some Q&A below.

What is the goal of CCPA?

In a word, transparency. CCPA gives California residents the right to know about, and have more control over how their data is collected, stored, and used. The law gives California consumers, among other things, the right to:

know what data companies have collected from and about them;
stop companies from selling or transferring their personal information to 3rd parties;
receive equal treatment from companies even if a consumer opts-out of data collection; and
assert “the right to be forgotten,” meaning they can ask companies to delete data on them.

Who does CCPA apply to?

Companies don’t need to have a “physical presence” in California (a headquarters, office, warehouse, etc.) to be covered by CCPA, but must simply be doing business (online or offline) with California residents. In other words, online sellers are covered. CCPA applies to all entities who collect personal information about California residents, who “do business” in the state, and who meet certain thresholds: it applies to businesses with annual gross revenues over $25 million, or possesses the personal information of 50,000 or more consumers, or earns more than half of its annual revenue from selling consumers’ personal information. CCPA will thus apply to most major nationwide brands.

What data is covered by the CCPA?

CCPA covers a wide range of customer data, including names, addresses, Social Security numbers, biometric data, geolocation, employment information, metadata, as well as buying and browsing history.

What are B2B companies required to do by the new California data privacy regulation?

Under CCPA, affected B2B companies must:

provide detailed disclosures regarding the personal information they have collected, sold and disclosed in the last twelve months;
give assurances that California residents have disclosure, access and opt-out rights concerning their data;
reveal the categories of personal information being collected and the purposes associated with each category; and
include a clearly displayed link on their website allowing individuals to opt-out of the sale of their personal information to 3rd parties.

What are the penalties for non-compliance with the CCPA?

While CCPA enforcement begins on January 1, penalties go into effect on July 1. For each violation of the CCPA deemed intentional, the maximum fine is $7500. For violations deemed unintentional, the maximum fine is $2500 per violation. Impacted consumers can file lawsuits against violators, and are required to inform the California Attorney General.

What should you be doing now to comply with CCPA requirements?

Here are a half-dozen suggestions for CCPA compliance:

Shift your focus to be more proactive in providing notifications to customers for your data collection and engagement/marketing efforts, especially with California residents. At minimum, add a field in your Eloqua forms asking customers to specify the state in which they have residency to facilitate CCPA compliance. As a general rule, design your messaging strategy to foster transparency and long-term customer trust.
Add clear opt-in language to all your forms and NOT pre-check this box. CCPA does not require explicit opt-in but it’s a good practice in any jurisdiction. For example, you should ensure that all Eloqua forms have the field for capturing opt-ins.
Map out and adjust your data management processes and tools so you can ensure CCPA compliance around disclosures and CCPA-related consumer requests. For example, you should adjust your Eloqua forms to allow people to opt-out of having their information sold if they are California residents (so “Do Not Sell My Personal Information” should be a check box on forms). CCPA will also require you to better manage/segregate data you have from 3rd party vendors.
To drive compliance, build an in-house data privacy team that understands new regulations like CCPA and what they require your B2B business to do. This data privacy team should be cross-functional, including professionals from marketing, martech (such as your Eloqua experts/power users), IT, legal, and beyond.
Build close partnerships with IT and external experts/consultants to drive CCPA compliance. You’ll need both technical skills and legal analysis to get things right, which may require tapping into some outside expertise from your vendor partners and consultants.
Be ready for more data management/ data privacy compliance challenges in the future, because they’ll surely be coming. The trend towards giving customers more control and transparency over their data will not be stopping anytime soon, so you’ll need to be prepared for more change. This requires your organization to build a level of agility into your data management processes, people, and technology. You’ll also need to keep asking “what’s the impact of our actions on gaining/maintaining customer permission?” As consumers gain more transparency and control over their data, that question may be the most important compliance tool of all.

Do you have more questions about complying with California’s CCPA in your B2B marketing? Feel free to contact us directly.

Note: This blog post and the linked content, is not intended to include, nor should be construed to include, any legal advice or business solution addressing the content, interpretation or application of the California Consumer Privacy Act (CCPA) generally or specifically to any client’s or potential client’s circumstances. Sojourn Solutions advises all parties to seek qualified legal counsel regarding the applicability of CCPA to their processing of any personal data, including and especially through any third-party products and/or services.

The post Are you ready for CCPA? Tips for complying with California’s new data privacy law appeared first on Sojourn Solutions.

How Progress improved marketing performance with multi-touch attribution (post 1 of 2)

By Chuck Leddy Multi-touch attribution enables marketers to connect (attribute) touchpoints and marketing a...

Not your mother’s “top 10 blog posts of 2019” post

By Kristin Connell It’s a new year – heck, it’s a new decade – and we’re kicking it off with a look back at...

Resources created to help B2B marketers prove - and improve - the value of marketing.

Are you ready for CCPA? Tips for complying with California’s new data privacy law

What is the goal of CCPA?

Who does CCPA apply to?

What data is covered by the CCPA?

What are B2B companies required to do by the new California data privacy regulation?

What are the penalties for non-compliance with the CCPA?

What should you be doing now to comply with CCPA requirements?

Previous Article

Next Article

Are you ready for CCPA? Tips for complying with California’s new data privacy law

What is the goal of CCPA?

Who does CCPA apply to?

What data is covered by the CCPA?

What are B2B companies required to do by the new California data privacy regulation?

What are the penalties for non-compliance with the CCPA?

What should you be doing now to comply with CCPA requirements?

Previous Article

Next Article

Most Recent Articles

Citeline partnered with Sojourn to migrate to a single Eloqua instance for sending its personalized emails to subscribers to reduce costs, maintain personalized insights, and increase engagement.

This post addresses common Martech challenges that are increasingly demanding the CMO's attention. Key? Seamlessly aligning the customer journey and top use cases with overall business objectives.

In this blog post, we'll delve into the top benefits of conducting a martech stack audit and how it can propel your marketing efforts to new heights.

Citeline improved results by automating their marketing campaign naming conventions using Eloqua plus the Eloqua/SFDC integration for their marketing and sales teams.

Following these spring cleaning tips can save you time, improve your deliverability score, your campaign results, and even the return on investment (ROI) for your marketing automation platform (MAP).

Salesforce has released a guide to marketing automation platforms called "B2B Marketing Automation Platforms: A Marketer’s Guide." We’ll explore how to select and implement a map for you in this post.

Salesforce has released a guide to marketing automation platforms, called (fittingly enough) B2B Marketing Automation Platforms: A Marketer’s Guide. We'll detail the findings in this blog series.

What do marketers think are the most important benefits of automation? "The State of Marketing Automation 2022" report identified the top survey results, which we address in this blog post.

So where specifically are B2B marketers investing in their “data ecosystems,” and what steps are they taking to ensure their data quality? Answering that key question is the focus of this blog post.

In our February Oracle Eloqua User Group meeting, Sojourn’s Kelly Newton shared a time-saving tip about using copy/paste on Eloqua's Campaign Canvas. This post features her tips and the active Q&A.

The tips detailed in this post should be used when deploying ChatGPT to create B2B marketing campaign content for emails, landing pages, or other formats. Note, a human should review all AI results.

In its annual report State of the Marketing Ops Professional, MarketingOps.com surveyed almost 600 Marketing Ops pros from multiple industries to better understand the trends driving the function.

Who are Marketing Ops pros? They are problem-solvers who take a strategic, cross-functional, and data-informed approach to proving and improving marketing value/ROI.

Sojourn's December 2022 Oracle Eloqua User Group was highlighted by a presentation by Oracle’s Chris Campbell offering Oracle’s vision for Eloqua and described its product roadmap coming in 2023.

Adobe recently collected actionable insights and best practices from more than 600 B2B organizations, all of them using a variety of marketing automation platforms (MAPs).

Salesforce is making some big enhancements in 2023 and beyond to its Marketing Cloud Account Engagement tool, formerly known as Pardot. In a recent webinar, the company revealed its roadmap.

We asked two of our most experienced marketing leaders at Sojourn Solutions for advice on how B2B marketers like you can navigate the challenges of a potential economic downturn.

Change at any level is both essential and challenging. No matter how much technology or process is involved, the change will not happen without human beings adopting the desired behavioral change.

Doug Binder, author of the recent book Gather: The Business of Coming Together, has been an organizer of B2B events for over three decades and knows as much about organizing great events as anyone.

What’s in store for B2B marketing in 2023? After doing some thinking on my own and also reading a few hours of “marketing trends for 2023” stories, I’ve come up with a few ideas...