Ring in the New Year with CCPA
by Calvin Smith
I’m sure many of you, much like me, have New Year’s resolutions. Some say they want to become more physically fit and join the gym. Others say they want to travel more, and book a spontaneous trip to a destination spot that has been on the list for quite some time. Many say they want to spend more time with friends, family, and loved ones because they’ve been so focused on work and their careers. These are all wonderful aspirations. But what if I told you that this year, the state of California is making a resolution for you?
Effective January 1st, 2020, California will enforce the California Consumer Privacy Act (CCPA), which focuses on large businesses and how they handle the use of personal data. This piece of legislation was passed back in June of 2018, not too long after the General Data Protection Regulation (GDPR) went into full effect within the European Union, which also tackles the issue of user privacy and data collection.
This blog will delve into the CCPA—what it is, who will be impacted, and how it will affect organizations and their collaboration methods.
What is the California Consumer Privacy Act?
As mentioned previously, the CCPA was introduced in June of 2018. Many experts predicted that after the GDPR bill was passed, the U.S. would take initiative to implement their own data protection laws. After the GDPR went into effect, California took the initiative and passed the bill, stating that it would become effective January 1st, 2020. So what exactly is this bill?
For all intents and purposes, the CCPA is very much like the GDPR but goes a little bit further than the European law. The CCPA is comprised of four basic rights and aims to give users complete transparency of who is sharing their data and where the data is being shared. As one article described the law, this is the “most significant and stringent regime overseeing the data collection practices of technology companies in the United States.”
The protection of personal data is becoming a top priority within the enterprise. According to the State of California Department of Justice, the law “creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses.”
What companies will be affected?
For now, the law targets large companies who have annual gross revenues in excess of $25 million and received information from more than 50,000 users. In short, many of the top companies in Silicon Valley (most notably Facebook) will be affected by this new law. However, many startups within the region will not be affected due to the two main guiding principles: revenue and users.
While most are aware of the GDPR and perhaps even the CCPA that is coming into play, many organizations may be unfamiliar with how this law will impact their collaboration methods, including team collaboration.
Collaboration in the Enterprise Under the CCPA
Team collaboration is being adopted by teams and entire enterprises, and is now a key part of the digital workplace landscape. Some enterprises are using team collaboration apps to simplify company-wide messaging, either for company updates or, more importantly, for emergency notifications. A primary focus of team collaboration is to facilitate teamwork and team building for mobile users. One of the core components within collaboration is enabling seamless communications and collaboration, which Aragon calls people-centric collaboration. It allows for calls that are both voice-based and video-based; it enables meetings with users and rooms; it is about the shift from instant messaging to mobile messaging, which Aragon termed mobile collaboration.
However, as Aragon notes, many enterprises are unaware that their conversations are being monitored and recorded without their knowledge. Thankfully, more and more communications and collaboration providers are prioritizing identity and security. Encryption has become a must-have capability within communications and collaboration applications. With the implementation of CCPA, enterprises are going to require providers to enable higher levels of security around sensitive information such as identity-related data. Lead Analyst Jim Lundy states one of the biggest challenges for businesses will be identifying what content poses the biggest risk. With the new law coming soon, it would serve you best to perform a company audit to ensure every business unit will be CCPA-compliant. However, despite the regulation that is looming with the GDPR and the soon-to-be in effect CCPA, it must be noted that it’s still the enterprise’s responsibility to ensure their data is encrypted and secure.
We are seeing more measures put into place to protect the identity and security of users. The California Consumer Privacy Act is a great step towards ensuring user privacy and transparency within the enterprise. The efforts and intents behind both the CCPA and GDPR should force enterprises to become proactive—if they aren’t already—in their efforts to ensure privacy and security. Enterprises must start developing their approach to becoming CCPA compliant and prioritize potentially sensitive areas that need the most attention. Two ways to get started are:
- Using Encrypted Collaboration and Communications Apps: While team collaboration applications are vital to ensuring fast interactions with team members, customers, and the entire enterprise, enterprises should strongly consider only using applications that are encrypted, as this is one way to ensure that the content of your discussions and messaging stay secure. The same should go for your web and video conferencing applications.
- Doing A Content Audit: Identify the content that might make your enterprise at risk of violating CCPA by using intelligent content analytics (ICA). Deploying ICA can help speed up your processes in becoming CCPA compliant.
If you’re not sure where to start with your CCPA efforts, schedule a consultation with Aragon. Additionally, you can utilize these resources to become more familiar with GDPR and preparing for CCPA.