By Bekkah Anderson, Art Unlimited.
Two months ago, many people were saying, “Naw, just change your settings to block other countries from viewing your website.” But since California rolled out their own data privacy rules on June 28th, 2018 via the California Consumer Privacy Act, this isn’t something to sneeze at. As we start to see more initiatives to protect Americans’ privacy, big data should respond accordingly.
You might not think you have any “big data,” but if you have a list of past customers, newsletter subscribers, a mailing list, online payment options, or use Google Analytics, you technically have possession of data that has privacy rights. Some privacy rights have always been out there, but most businesses had to make the ethical choice to use the information at their discretion because enforcing compliance on every business was obnoxiously hard for anyone to do.
Caveat: Unless one of two things happened to you that got people worked up:
Most of the rules for the new data protection, honestly, just made good marketing sense. Such as, if you send a previous customer 27 emails in one day, you’re going to get marked as spam and email providers will block you. This also has probably happened to you if you tried to include 60 people in the same email and you accidentally locked down your email account.
Website users now have the right to request that you stop collecting their data, and you need to make sure this option is provided loud and proud.
Tip: be careful with how your program your pop-up though, especially on mobile. If all your users can see is a pop up that blocks your homepage navigation on mobile, it could affect your ranking because of a poor user experience.
This is where my heart hurts for business owners because this is rarely enforced well. If you say you’re going to stop talking to them after they ask you to, ACTUALLY DO IT. In the past, I just marked you as spam, but now (if I was a California resident) I could just report you to the Attorney General’s office or go after you with a personal lawyer. Have a process the thoroughly removes their information from your system and documents when the user requested to be removed.
Bottom line: You have to disclose how it’s used, who has access to it, and how users can choose to not be a part of the data.
Having a data control officer who knows where the information is, where it’s going, and how it can be removed is good to have for your business. The more you know, the safer you can make your business for your customers.
Under the new California laws, you could have to pay a civil penalty of $7,500 per incident AND pay for the cleanup/recovery of any person that had actual damages affect them OR pay out $750 a person for the violation to their privacy (whichever is a larger payout).
The California Consumer Privacy Act unleashes its fangs of consequences for non-compliant business owners in 2020. You have some time to start planning your implementation strategy. Don’t get nervous but have a clear plan of action steps to get you to where you need to be. It’s also important to keep an eye on the changes that might happen to the data rules in the months ahead. If the laws get extended to other states, there might be some new changes that make things more detailed as to certain industry or specific platform compliance.
For the present, yes and no, if you want to block your website from being searchable by any of your customers within California you could just avoid this all together….But it’s going to limit your reach, hurt your ranking ability, and if some of your customers have a beach home in California, you might be losing some of your client base because they can’t find you.
No matter how much money Amazon and AT&T pump into lobbyists, the passing of new laws usually has a domino effect in American legislature. If it works out nicely for California, you can expect it to either start rolling out in your state soon or becoming a federal initiative.
We’ve already seem rumblings in Washington to push this into a federal compliance law. So, it’s always better to start being privacy complaint sooner rather than deal with the consequences of doing it later. Rushing things in the last minute to avoid penalties is never a fun spot to be in as a business. Plus, who wouldn’t want to gain a higher level of trust with customers by being respectful of their data?
If you have additional questions or need help to get your business started on data privacy compliance, please feel free to let us know! Who doesn’t love avoiding hefty fines? Contact Art Unlimited today, to see how you can start planning your data privacy initiative.
Editor’s note: This article first published on Art Unlimited’s website and can be viewed here.