6 Tips to Build Trust with the CCPA
Citizens around the world want their data to be protected. Privacy regulations around the world are only going to increase. There are many organizational monetary costs to properly prepare for the privacy landscape of today and of the future. If you don’t have a focus on privacy today, you won’t have customers tomorrow. Your organization has an opportunity to build trust and increase competitive advantage by elevating data privacy as an important and ongoing initiative.
What is the CCPA?
The California Consumer Privacy Act (CCPA) is a privacy law that goes into effect on New Year’s Day 2020.
Key Dates & Penalties of the CCPA Law:
- Law goes into effect January 1st, 2020
- Law enforcement begins July 1st, 2020 by the California Attorney General
- Penalties can be up to $7,500 per violation per individual as well as private right of action (lawsuits) by individuals of between $100 and $750 per incident per individual or actual damages, whichever is greater
There are many great resources online to learn about this privacy law, who it impacts, and consumer rights. Below are a few resources we recommend:
- California Attorney General CCPA Fact Sheet
- CSO Article – What you need to know to be compliant
- California Attorney General CCPA Website Home
CCPA: An Opportunity to Build Trust
According to an October 2019 online survey conducted by Goodwin Simon Strategic Research of registered voters across California, 88% favor the CCPA law. Further, the survey found that the most important right ensured by the law is for “businesses to keep your personal information safe.”
Consumers are yelling from the rooftops that they want their privacy and their data to be respected and safeguarded. Gone should be the days of personal information (PI) being swapped around in Excel spreadsheets on unsecured laptops and personal information freely sold without consumer rights attached.
In an October 2019 survey conducted on behalf of BritePool, 87% of consumers would hit the “Do Not Sell My Information” button if they saw it. Don’t panic just yet at this statistic! Personally, I’m skeptical about this survey conclusion and think that we won’t be seeing opt-out rates this high for most normal website marketing purposes of trusted brands.
First, I think that most consumers often are on a mission when they visit your website and won’t take an extra action to opt-out unless they really don’t trust your brand and they dislike how they’ve been marketed to.
Second, when you develop real trust with your brand and your customers, you’ll be able to maintain that marketing relationship.
In the midst of evolving privacy regulations, building and maintaining trust with customers is one of your most important opportunities ahead. To develop authentic trust with your audience, increase overall brand affinity, and ultimately increase your competitive advantage:
- Give consumers clear choice – Read Formstack’s post-GDPR findings on how giving their audience “transparent flexibility and control over what content they access is a win for [their] product and [their] brand.” Do you really want to bombard consumers with ads and email when they don’t want it?
- Protect consumer data – In a world of continuous data breaches, it is not a surprise that consumers are getting frustrated with their data being leaked as the result of poor security practices in organizations. Treat customer data the same way you’d want it to be treated. This data belongs to the customer and can be revoked if you erode trust. The protection of consumer data is foundationally rooted in Data Governance.
- Be selective with partners – Most organizations work with 3rd party vendors and service providers. Ensure that partners you work with value privacy as much as your organization does. Whomever can access your customer data should have clear, transparent privacy policies and procedures with an established track record of honoring privacy. Avoid negative privacy issues caused by 3rd party service providers that aren’t prepared to handle your data with respect of the customer.
- Train your entire organization on privacy – Privacy does not start and end with marketing. Everyone in the organization is responsible for upholding privacy. If you are required under the CCPA to provide a toll-free phone number for consumers to register their privacy preferences and request information collected or deleted, then who is going to answer that phone? Customer Service representatives need to be ready and informed, with clear processes. Consider developing a code of ethics that addresses privacy and data. At Blast, we’ve developed our own Code of Ethics and ensure that our entire organization agrees and abides by these ethics.
- Know where data is – Data mapping is a critical exercise to understand which data is sensitive (PI and PII), where it is stored, and how does it flow through the organization (and 3rd parties). If you have analytics and marketing tags on your site that are collecting information and you no longer work with that vendor, you have a Tag Management Data Governance problem. Beyond a bad potential experience of unnecessary tags that slow down your website, you are behaving in a way that does not honor the relationship that you have with the visitors of your website. There are many 3rd party tools that can help with this, including OneTrust’s Data Mapping & Inventory module.
Gone should be the days of personal information (PI) being swapped around in Excel spreadsheets on unsecured laptops and personal information freely sold without consumer rights attached. Click & Tweet!
What other tips have you found successful in developing trust with customers? I’d love to have a conversation in our comments section below about what you believe are the most critical factors in developing trust around data privacy.