The California Consumers Privacy Act (CCPA), is a landmark privacy for Californian citizens due to come into force in January 2020. Somewhat akin to the EU’s General Data Protection Legislation, the new Act will provides Californian citizens with:
a right to be informed what types of data are being collected by an organisation and what it will be used for (a notice at collection);
the right to request a copy of the exact data collected about them in the last twelve months (a Request to Know - similar to a Subject Access Request);
the right to request deletion of that data (with some exceptions);
the right to opt-out of the sale of one’s own personal information; and
the right not to be discriminated against for exercising these rights.
The new regulations apply only to large organisations, or who process information on large numbers of Californian Consumers. So businesses with turnover below $25m or with low volumes of consumer data need not worry about these new regulations, however a careful and considered approach to the privacy of users’ data is entirely sensible practice.
Umbraco underwent a great deal of work in the run up to the launch of the EU GDPR regulations, and so in many ways is more than adequately prepared. A number of new privacy related features were released in Umbraco 7.9 which are of use to website owners in scope of CCPA including:
A general API for "logging of consent" which provides a way of registering that a person has given consent of any given action; and
The ability to export a member's saved data as a file, which will be useful for fulfiling Requests to Know;
If you’re Umbraco site is older than Umbraco 7.9, first released in February 2018, you process personal information and you are in the scope of CCPA then you will likely need to undertake remediation work to your site to make it CCPA ready.
Our team at Carbon Six Digital have undertaken many upgrades of existing websites from previous releases of Umbraco, and even offer Fixed Price Uprades for Umbraco. If you’d like to talk to someone about your site and what might be needed to bring it up to standard for CCPA then give us a call.
Many people will know that the 25th May 2018 is GDPR Day, and the team at Umbraco HQ are busy getting ready. The General Data Protection Regulation (GDPR) is a new regulation that intends to strengthen and unify data protection for all individuals within the European Union (EU).
At this weeks Gold Partner Webinar Niels and Anders gave a briefing to the Partners to explain the plans currently in place for the toolkit.
The team at HQ has undertaken a detail analysis of the impact of GDPR. Obviously GDPR mainly affects processes for managing data, but HQ are keen…