What Your Company Needs to Know About Consumer Privacy

Consumer privacy guide
Estimated Reading Time: 6 minutes

[The following is adapted from Crawl, Walk, Run: Advancing Analytics Maturity Google Platform.]

Not long ago, the area of consumer privacy looked more like the Wild West than a space of law and order. Companies had few restrictions when it came to using customer data, but those circumstances have changed.

In today’s world of tightening regulations, you have to be extremely careful with your customer data or face the financial consequences. It’s not a bad thing—the purpose and eventual payoff of customer data governance is to create trust with customers while deriving value from the data they entrust to your organization.

But if you’re unaware of what those laws entail, it can be easy to break the rules. Here’s what you need to know to protect your company and your customers as you handle their personal data.

The Rise of Privacy Regulations

In recent years, we have seen an increase in privacy regulations due to certain companies abusing the rights of customers and doing whatever they wanted with customer data. With the passage of the General Data Protection Regulation (GDPR) in the European Union in 2016, the regulatory environment entered a new, more intense, and more difficult era for marketers.

In terms of actual numbers, the maximum fine that can be levied against an organization for misuse of customer data is 4 percent of their gross revenue. That means a company with $1.25 billion in revenue could be fined as much as $50 million—not something any organization can shrug off.

California passed similar privacy regulations in 2019 with the California Consumer Privacy Act (CCPA), which went into effect in January 2020 (with enforcement beginning in July 2020). Like the GDPR, the CCPA was driven by a desire to protect consumers.

With CCPA, there are two tiers of fines: $2,500 per violation for an unintentional violation and $7,500 per violation for an intentional violation. As you might imagine, this can add up quickly.

As of 2020, at least 20 states in the US have either passed or have introduced consumer privacy regulations, and this number continues to grow.

What’s Expected of Companies with Regard to Customer Data

Breaking these new regulations means stiff financial penalties, so how can you stay in compliance? The essence of these regulations is that companies must inform customers about what will be done with their data. That’s why when you visit many websites these days, you get a popup banner that says something like, “We use cookies. Are you okay with us collecting your information? Please, refer to our privacy policy.”

California adds a new twist in which customers must be able to opt out of companies selling their data. Furthermore, companies can’t penalize a customer for opting out. The real challenge of the California regulation comes into play when a customer makes a request concerning their data that a company possesses.

If a customer contacts a company, providing their email, phone number, or other information, within 45 days of receiving that information, the company must reconnect with the customer and inform them of what categories of data they’ve captured and what precisely has been done with it.

Is Your Company Prepared to Comply with Regulations?

Creating a paper trail of exactly where a customer’s data has gone and what has been done with it is easier said than done. After all, tracking the flow of an individual’s information through tags and pixels becomes extremely difficult as that information flows throughout an organization’s many data systems.

To comply, you need a clear understanding of the customer data being held throughout your organization, and then you must be able to retrieve that data and provide it to the customer—in plain language, not in some cryptic form. Consider the consumer data you have collected and ask yourself:

  • Do you actually know where all of this data is located in your organization?
  • Do you know what categories each piece of data falls into?
  • Can you provide that data back to customers in an efficient manner?
  • Finally, can you then delete that data if a customer requests it? Is your company prepared to follow the rules?

If your answer to any of these questions is “no” or “I’m not sure,” you have work to do to meet regulatory demands.

Plan for the Future of Data Regulations

Even if your company doesn’t currently operate in California or the European Union, you should plan for the future. The rise of privacy regulations means that, no matter where you do business, similar regulations are bound to impact you sooner or later.

For this reason, you need to immediately start creating a customer data governance strategy to get your data under control. Make sure that your systems track where customer data goes, who has access to it, and when it’s sold.

Given the privacy restrictions in place, competitive advantage is not just realized by who can best analyze and act around their data but by those who can collect the most in a compliant manner. Gain compliance and avoid the fines that many of your competitors are paying, and you’ll be positioned to thrive in the privacy-minded future.

Michael Loban is the Chief Growth Officer at InfoTrust. He’s an adjunct instructor at the University of Cincinnati and Xavier University, and is also a presenter and author, with work published in Forbes, AdWeek, and CIO Magazine.

For more advice on digital transformations, you can find Crawl, Walk, Run on Amazon.

Join Our Nov. 11 Consumer Privacy Webinar

Ready for more consumer privacy guidance? Join Chief Growth Officer Michael Loban and Tag Governance Specialist Lucas Long on Nov. 11.
Last Updated: October 21, 2020

Other Articles You Will Enjoy

The Latest on the UK Data Reform Bill

The Latest on the UK Data Reform Bill

On June 17, 2022 a press release from the United Kingdom (UK) Government’s Department for Digital, Culture, Media & Sport (DCMS) and The Rt…

7-minute read
Ohio Personal Privacy Act: What Marketers and Advertisers Need to Know

Ohio Personal Privacy Act: What Marketers and Advertisers Need to Know

Much has been made about 2023 being the year of reckoning for privacy regulations in the United States, with five states having new regulations…

10-minute read
Patchwork Privacy: U.S. State Legislation Roundup

Patchwork Privacy: U.S. State Legislation Roundup

Privacy protections in the United States take a big leap forward in 2023 with five states having new privacy laws going into effect. This…

16-minute read
The Latest on the EU – US Data Sharing Agreement

The Latest on the EU – US Data Sharing Agreement

On October 7, the White House announced an “Executive Order: On Enhancing Safeguards For United States (US) Signals Intelligence Activities.” President Biden did this…

8-minute read
Privacy and Data Protection in the Kingdom of Saudi Arabia

Privacy and Data Protection in the Kingdom of Saudi Arabia

In September 2021, the Kingdom of Saudi Arabia (KSA) issued its Personal Data Protection Law (PDPL) to regulate the processing of personal data. The…

6-minute read
3 Major Happenings in the World of Privacy for 2023

3 Major Happenings in the World of Privacy for 2023

First things first: Happy Data Privacy Day 2023! We hope you consent to having some fun this year! As we celebrate Data Privacy Day…

8-minute read

Get Your Assessment

Thank you! We will be in touch with your results soon.
{{ field.placeholder }}
{{ option.name }}

Talk To Us

Talk To Us

Receive Book Updates

Fill out this form to receive email announcements about Crawl, Walk, Run: Advancing Analytics Maturity with Google Marketing Platform. This includes pre-sale dates, official publishing dates, and more.

Search InfoTrust

Leave Us A Review

Leave a review and let us know how we’re doing. Only actual clients, please.