When the California State Legislature passed the California Consumer Privacy Act, it was celebrated as a historic day for personal data security. It’s true, the CCPA has many strong provisions that will make a difference for every Californian and protect personal data. However, that doesn’t mean it is perfect.
Unfortunately, if there are no fixes, California’s small businesses will unintentionally suffer, and Latino-owned businesses will be hit disproportionately hard. More than 800,000 Latino-owned businesses represented by the California Hispanic Chamber of Commerce will be at risk.
However, there is still time to fix some of the flaws with the CCPA. The California Hispanic Chamber of Commerce urges the Legislature to take action and stand up for privacy rights and small businesses before the CCPA is implemented in January 2020.
For example, many Latino small businesses now rely on the use of tailored digital advertising to best communicate with customers and let them know about specials and products. It is a critical communication method that is vital to small businesses everywhere. Think about your favorite local restaurants or other service shops that notify you about local deals and specials. They could be heavily impacted.
Under CCPA, targeted digital online advertising is at risk. Small businesses don’t typically store information or know anything specific about the individuals the ads are targeted towards, but their reliance on cost-efficient advertising is critical to their businesses.
But that’s not all. Every business with more that 50,000 transactions per year will be affected. That means 50,000 views on a website or 50,000 credit card transactions or any other data collected. Latino small businesses across the state will need to comply with every provision of the CCPA. This could mean even customers who have not purchased anything from a website could request their data be deleted.
Most, if not all Latino small businesses do not have the infrastructure to accommodate these types of requests, but without a fix, they will have to.
As written, the current definition of consumer could include employees and job applicants. If an employee asks to delete their personal information, businesses will be forced to comply, which can lead to bigger problems. For example, if an employee is accused of sexual harassment and requests that their personal information be deleted, by law businesses would have to remove it.
The current CCPA also does not allow businesses to discern if someone requesting sensitive personal information such as a credit card or Social Security number is a fraudster who will compromise a person’s personal information. In addition, a business will be required to share personal information with anyone in that person’s household who requests it, regardless of whether they have the individual’s permission.
These problems must be addressed in order to protect Latino-owned businesses while strengthening privacy rights for consumers.
We are thankful to the many lawmakers authoring legislation to fix the CCPA and make it work for every Californian, and especially Latino-owned small businesses. We encourage every representative to support Assembly Bill 25 (Chau), Assembly Bill 864 (Burke, Low, Mullin), Assembly Bill 873 (Irwin) and Assembly Bill 1564 (Berman). These bills will make a difference with critical clarifications that will better protect consumers’ privacy while at the same time ensuring that small businesses are not unintentionally harmed.
Julian Canete is president and chief executive officer of the California Hispanic Chamber of Commerce.
