Businesses in California Aren’t Ready for CCPA Compliance

The government of California is all set to enforce the California Consumer Privacy Act on January 1, 2020, but a survey showed that 56% of the state’s businesses aren’t ready to comply with it.

According to the report of PossibleNow, a company that offers enterprise preference management solutions, only 8% of 1,500 businesses it polled said that they are ready for CCPA compliance, while 34% said they will be by Jan. 1.

The new law applies to all businesses in California that collects consumers’ personal data. This especially applies to eCommerce companies as they rely heavily on the personal information of their customers to come up with marketing strategies that will ultimately lead to higher sales.

Non-compliance with the CCPA can result in a $2,500 fine per record for each unintentional violation and a $7,500 fine per record for each intentional violation. In other words, a company that mismanages 1,000 consumer privacy requests could be subjected to a fine ranging from $2,500,000 to $7,500,000.

Reasons of businesses for not being CCPA-ready

To be CCPA-compliant, a business must be able to provide its customers with the data collected from them, and the purpose of its collection, upon request. Consumers should also be given access to their personal data, allowed to request the deletion of their data, and have the ability to opt out of the sale of their personal data.

Unfortunately, not many businesses are prepared to abide by these terms. When asked why they can’t comply with the CCPA, PossibleNOW’s respondents gave the following reasons:

● It’s too expensive to be compliant (35%)
● We’re waiting to see how it will be enforced (32%)
● We don’t think our organization is large enough to face fines (17%)
● The law is new to us, and we’re unsure of the requirements (11%)
● We don’t think it applies to us (5%)

Companies have a few more months to prepare for the CCPA. Constantly deferring it and hoping that the government will amend the law is a complete waste of time as other states are working on following this pattern.

“Just as with GDPR, a significant number of businesses are caught between the cost and effort of complying with CCPA and the probability of enforcement actions against them. There are heightened concerns surrounding the CCPA specifically because of California’s strict approach to legislation across all facets of business within the state. Companies should actively seek the counsel of a privacy compliance organization as the deadline is quickly approaching. As time draws short, resources become more scarce and implementation becomes more costly.” – Eric Tejeda, Marketing Director, PossibleNOW

Is your company within the scope of the CCPA? Share your thoughts about this new data privacy law in the comments below or join our Facebook Group.

Avatar
For almost 10 years Dave has been involved with eCommerce with a particular interest in the marketplaces and the huge opportunities available for sellers when utilizing a multi-channel strategy. After a year of being the UK’s youngest eCommerce consultant it was the opportunity to start UnderstandingE with Matt Ogborne showing the world how to utilize Magento as the Third Generation of Multi-Channel software. Dave also recently started a YouTube channel called the Manc Entrepreneur (click YouTube icon link below to watch Dave's videos) where he discusses all things eCommerce and entrepreneurship aimed to help young entrepreneurs get started on their own journey. When Dave isn’t working his main interests include, Technology, Cars and throwing himself off high things into water.

2 COMMENTS

  1. I would like to see what the 44% that claim to be CCPA ready consider legally ready, and sorry but I challenge near all of them for CCPA is about 95% of the GDPR effort and I have yet to find a major company GDPR compliant. Whoever writes these articles need to d there homework. How many of these 44% have all the PII encrypted or protected?, How many could now do an accurate Right of Erasure? How many can still conduct uninterrupted business if their operational and production data is truly Encrypted and protected from breaches? Maybe a better next story for you to write?

    • The article covered the results of a survey, which being a survey means that it is based on a “self-assessment” by companies of their readiness. And even among those surveyed, only 8 percent claimed they are ready today, not 44 percent!

      Richard

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.