Due to the tech sector’s reliance on data as a commodity, anxiety has been building among Silicon Valley cognoscenti regarding massive changes to privacy regulations under consideration by the newly formed California Privacy Protection Agency (CCPA). The situation has grown more tense with the state’s recent enactment of stricter laws and the formation of a new regulatory body, the California Privacy Protection Agency (CCPA). New and more stringent regulations are imminent. But these changes won’t just affect technology companies – all types of companies based in the state will need to review and potentially update policies and practices to achieve compliance with the new rules.
A draft outlining the regulatory agency’s plans was recently released by the CCPA.
Clarification on Opt-outs
Before the CCPA’s draft was released, opt-outs were the subject of greatest concern and scrutiny among privacy professionals and tech leaders. A common interpretation of opt-outs is that companies can choose between honoring an opt-out signal or providing a DNS link. The new regulations settle this question by disallowing DNS links altogether. However, there is not yet clarity on what form an “opt-out signal should take, and this situation is likely to create conflict between regulators and businesses.
Big Questions on Privacy
Keep in mind that these guidelines are still in the draft stage and the final regulations have yet to be written in stone. However, the anticipated changes are of vital importance to tech companies. Silicon Valley’s foundation is built on its ability to deliver value through collecting and selling data. Consumers are becoming increasingly concerned about how their information is being used at a time when data is more valuable to companies than ever before. As this tension grows a clash is imminent and will likely result in a monumental shift in data governance.
But the effect on technology companies is just the tip of the iceberg. All companies that manage any kind of consumer data – including information relating to employee benefits – will likely be required to update their policies to comply with these new regulations.
Business leaders should start working now with trusted legal advisors to reshape data collection practices that comply with the coming guidelines without suffering massive productivity interruptions or significant financial losses.