Self-service access to safe data
Protect data and manage risk
Analyze conversational chat data
Reduce the time and cost to comply
Right data in the right hands
Align control and business use
Controlled access to data
Flexibility, consistency, scalability
Our professional services
Power responsible use
From clinical to commercial
Optimize data tests
Open new revenue streams
Realize the potential of the cloud
Protect data from misuse
Transform your data
Opinion and industry insights
An A to Z of the industry
The podcast for data leaders
Press releases, awards, and more
Staying at the cutting edge
The team behind Privitar
A thriving partner ecosystem
Our story, values, and careers
Dedicated customer assistance
Nov 10, 2020
Last week, Californian voters approved Proposition 24 (also known as the California Privacy Rights Act of 2020, or CPRA), a ballot initiative intended to build upon the state’s current privacy legislation, the California Consumer Protection ACT (CCPA) of 2018.
The CPRA moves closer to the GDPR; bringing in an independent regulator, the right to correct inaccurate information, data minimization, and purpose limitation, and more.
While the CPRA will most directly impact Californian citizens and the organizations that do business with them, people from across the United States are largely in favor of taking a similar approach to consumer privacy protection. A post-election Privitar poll of 1,000 American consumers run by market research firm Dynata found that:
For organizations wondering what the U.S. privacy landscape might look like in a few years’ time, this is instructive but by no means conclusive.
For organizations that do business in California and/or with Californian residents, there are some clear considerations that should be taken into account today to prepare for the CPRA’s eventual enforcement.
The CPRA makes a wide range of changes to the CCPA. Three significant changes in business should be aware of are:
Although the CPRA won’t come into effect for a little over two years, preparing for some of the changes may take time, and so it is worth starting thinking about what the CPRA means for your business now.
For example, limits on both data sharing and internal secondary uses of sensitive data may reduce many organizations’ ability to gain insights and extract value from the data they hold.
To understand how this may affect you, start by looking at what data you currently share, or have shared with you, and whether you hold data classified as ‘sensitive’ under the new definition. If you do, consider what the impact would be if your consumers decided to opt-out and how you might mitigate this risk. Would providing better privacy protections and greater transparency reduce the likelihood of consumers opting out? Could you use de-identified data that is out of the scope of the law?
Strategies such as these, if pursued, may take time to implement, meaning it’s worthwhile starting now.
Our team of data security and privacy experts are here to answer your questions and discuss how modern data provisioning can fuel business growth.