Data privacy and consent in the age of CCPA, GDPR and impending federal privacy law [Q&A]

When it comes to consent and data privacy, the rise of regulations like the General Data Protection Regulation (GDPR), coupled with increased consumer awareness of data breaches and breaches, has raised the stakes.

When the California Consumer Privacy Act (CCPA) was passed in 2018, many states began to follow California’s lead. Currently, more than 30 states have comprehensive privacy bills that are close to being passed or in the early stages of being drafted.

But what are the odds that something similar will pass at the federal or global level? And how will this affect brands regarding the collection of consent? We spoke to Alan Brown, General Manager, North America, on the Consent Management Platform Usercentrics to find out.

BN: Is the next federal privacy law for the United States after GDPR and CCPA?

AB: In the United States today (and worldwide), there is no comprehensive federal law that solely governs data privacy. However, there are many laws at the state level that privacy experts believe could be rendered redundant by the creation of a federal law. Having a federal (or global) law could help make things easier and simpler, but only if federal law supersedes all other state laws. While more than half of the US states are in the process of drafting or passing their own privacy legislation, the laws that have already been passed will influence the drafting of a comprehensive new law.

Although there are many privacy experts who favor a federal law, others are cautious, believing it would only make data privacy legislation more confusing by adding to the already complex mosaic that currently exists. Since states currently establish much of their own legislation, this could complicate things in the long run as technology continues to change and views on privacy change.

BN: How soon should brands wait for a federal privacy law?

AB: This depends on several factors, the main one being the administration of President Biden. While a federal privacy law won’t appear suddenly overnight (or even in a month), many claim it can happen during Biden’s presidency. The current administration is made up of many members of the Obama administration, who worked on the ‘Obama Consumer Privacy Bill of Rights’. That said, if a federal data privacy law is implemented, it is likely to occur sometime in the next four to eight years, depending on whether President Biden is re-elected.

BN: Why should companies prepare now for the upcoming federal or global privacy laws if they are still anticipated to be in a few years?

AB: Compliance aside, companies need to understand that great customer experiences and trust in a brand start with the basics, like demonstrating data privacy in a way that is transparent to the user. Brands may consider auditing themselves to better understand the data their organization collects. People will have more confidence in a brand that gives them control over how their data is collected and used from the moment they enter a website or app. So even if a federal privacy law is a few years old, it is still extremely beneficial for brands to present a strong first point of contact to users visiting their website now, starting with the customer’s choice to decide how. your own data is used.

Businesses can look for the right technology to support their data privacy compliance and transparency efforts ahead of a federal privacy law. Using a consent management platform (CMP) that uses pop-up banners and walls to ask customers what their choice is about how their data is used and explain how each choice alters their experience, can help brands build trust. on the consumer and comply with the RGPD. and CCPA today. Data privacy done responsibly and supported by the right technology can help brands earn consumer trust, which in turn makes consumers more likely to choose to participate and provide their loyalty. That’s a positive business impact that brands will miss now if they just wait for a federal privacy law to implement the change.

BN: Are brands ready to meet the next set of data compliance requirements?

AB: The GDPR and CCPA were the main catalysts for altering the way brands think about the collection, management and use of customer data, but it is true that the pandemic also acted as an accelerator for companies to companies will lean more towards the fundamentals of data privacy.

Digital interactions have been placed at the forefront of all industries, and with more people interacting with brands online, one of the main concerns has centered on ensuring that those users feel cared for and engaged by brands in their digital experiences. After years of data breaches and misuse, consumers no longer accept the lack of transparency when it comes to their data and the brands they interact with.

Whether or not a federal law is implemented, companies should not wait to act. By staying diligent about how they are using user data and staying abreast of current state regulations, companies will be ready if a federal privacy law comes along.

BN: How will companies obtain consumer data in a consistent way in the future, even after there is a federal privacy law?

AB: Global data compliance regulations are constantly evolving. This is not going to go away even if federal law is introduced, as attitudes and technologies are always changing. It will only be more important to harmonize brand strategies with consent to collected and managed data. Consent Management Platforms (CMPs) will be considered an integral part of the martech stack to ensure that, amid any new and changing regulations and legislation, companies remain legally compliant. The risk of receiving a warning, a fine, losing advertising revenue, or developing a bad reputation is too great a risk.

As long as companies pay attention to customer privacy expectations and invest in technology that can adapt to any update of privacy legislation, they will be heading in the right direction.

Image Credit: tashatuvango/

Leave a Comment