CCPA and customer outreach: What marketing experts need to know

As a marketer, with a pulse on the world of marketing data collection, you know the California Consumer Privacy Act (CCPA) took effect on January 1, 2020. But now with enforcement beginning in July of this year, here’s what you really need to know.

The law in its current iteration only impacts companies that do business with or in the state of California.

For those of us in the business of analyzing market research data, however, there are a couple of reasons why it’s worth paying attention to the regulations regardless of the state we work in:

1. California is the world’s fifth largest economy. Even if your company is headquartered on the East Coast, the likelihood is high that you have customers in California.
2. Research shows that approximately 80 percent of experts in the fraud detection and deterrence spheres see CCPA as a gateway to nationwide consumer data privacy legislation in the future.

Consumer data is vital to marketers, and CCPA will change the way that data is collected, analyzed, and stored. Working as an expert team to ensure that consumer data request procedures (also referred to as verifiable consumer requests, or VCRs) are in compliance with CCPA, I’d like to share my knowledge and insights with you.

Keep reading to learn more about our recommendations for marketers handling customer outreach and data collection.

Customer outreach under CCPA

To understand how your customer outreach plans and policies might need to change under CCPA, it’s helpful to understand the initial goals of the legislation.

At its base, CCPA is a consumer data privacy protection law. It aims to accomplish two goals:

1. Give Californians control over their personal data and visibility into how that data is used.
2. Assign accountability to companies that collect personal data from Californians.

Marketers collecting data from consumers is nothing new, but in our current digital age, we have the technology to collect so much more data than ever before—and to do that data collection in myriad ways. That data we collect is worth its weight in gold to businesses.

However, the hacks and data breaches that make the news negatively impact the trust consumers place in companies. And consumers who don’t trust an organization will go elsewhere. That’s why transparency in customer outreach and marketing data collection is so important.

Tips for CCPA-compliant customer outreach

CCPA going into effect doesn’t mean that your customer data collection must end—it simply means that your company will need to be very clear about the data it collects and why as well as have processes in place for providing that information to the customer.

1. Go beyond a privacy policy: Your organization should have a comprehensive privacy policy already in place (and publicly accessible), but under CCPA, you must alert users of their data privacy rights at the point at which you collect their personal information.
2. Only collect the information you really need: With American consumers already highly wary of companies collecting their personal data, your organization should do everything possible to engender trust. If you need to gather personal data from users, you should do so, but don’t ask for information for which you don’t have an immediate, clear use.
3. Have a plan for VCRs or personal data requests: Once CCPA goes into effect at the beginning of 2020, Californians will be able to submit requests to access or delete their personal data from company databases.

Because this data can be used to commit fraud, companies must have a way to verify the identity of the person making the request.

This process needs to be automated, flexible enough to accommodate different types of requestors (users with and without password-protected online accounts, for example), and scalable to keep up with varying volumes of requests.

Without a process and technologies in place that provide robust identity verification, organizations run a significant risk of not complying with CCPA regulations and incurring significant fines.

The bottom line

If the CCPA regulations surrounding consumer data collection and use have you concerned about how your organization’s marketing strategies might change, take our recommendations above into account.

Your company can still collect information from users, but complying with CCPA will encourage you to focus on transparency and overall customer experience.

Consider CCPA a growth opportunity and a chance to get in step with your users and their needs and concerns.

Consumer data privacy laws are about more than just compliance—in a world of hacks and data breaches, the organizations that are both compliant and transparent about their marketing data collection activities stand out in the crowd.

Christina Luttrell is the chief operating officer for IDology, a GBG company and leader in multi-layered identity verification and fraud prevention. In her 10 years at IDology, Luttrell has significantly advanced the company’s technology, forged close relationships with IDology customers and driven the development of technology innovations that help organizations stay ahead of constantly shifting fraud tactics without impacting the customer experience. Luttrell has been recognized as one of the Top 100 influencers in identity by One World Identity.