CCPA is coming, is your business ready?

CCPA is coming, is your business ready? The CCPA, also known as AB-375 and the California Consumer Privacy Act of 2018, is the California privacy law analogous to the European GDPR. Passed on September 23rd, 2018, it will become effective this January 1st, 2020. With the same flavor than every other new data privacy regulations, the CCPA says that California residents have the right to control their personal data to know what's being collected, to know whether it's being sold and to whom, to block their data from being sold. It also says that consumers cannot be charged a different price for exercising their privacy rights, with some exceptions.

What about persistent cookies?

The legislation will limit the use of most cookies and require that users give explicit consent prior to their installation. Users will also be able to choose which types of cookies may or may not be installed. Due to that reason, persistent cookies, known as permanent cookies as well, are also subject to the new regulation and will be sanctioned.

Are browser fingerprinting banned as well?

It remains to be seen how courts will interpret this section. Browser fingerprints certainly are directly linked to particular consumers which is not tolerated anymore. On the other hand, the law requires businesses to have "technical safeguards" and "business processes" that prohibit reidentification. What will be considered adequate safeguards and procedures? If the CCPA decides to keep following the example of the GDPR, the use of browser fingerprinting will be severely sanctioned as well.

Are companies ready?

Despite the headlines, a recent data privacy survey found that 67 percent felt their company was only somewhat prepared or simply not prepared to comply with data privacy regulations.

What can we do?

F8th is the first AI-based cybersecurity that is 100% Data Privacy Regulation (GDPR/CCPA/PIPEDA/ePR/...) compliant solution. Unlike the other persistent cookies and browser fingerprinting security systems which are extremely rough on the personal data collection without consent, F8th is data privacy friendly two-steps verification system based on meaningless information that in case of data breach, cannot be exploited by fraudster or sold on the black market.

Published: June 28th, 2019