As of January 2020, California legislation has entered a list of amendments to the California Consumer Privacy Act (CCPA) to outline more stringent regulations on how consumer data is collected, stored, and shared.

Attorney General Xavier Becerra issued an official declaration to the state’s residents, highlighting their rights under the CCPA. Also included is a list of educational resources to ensure their understanding.

At the center of attention is the right for consumers to opt-out of the sale of their personal information. By far, this has been hailed the most liberating shift in power within the business-consumer relationship dynamic.

Companies nationwide are being tasked with providing comprehensive options to their consumers to remain in compliance with the CCPA’s opt-out of sale requirements. Given the broad definition of sale under the law, there’s still confusion relating to what exactly is in scope when it comes to CCPA opt-outs and what the best method for achieving CCPA compliance will be.

Here are the best practices for executing it with the most accuracy and efficiency in 2020.

Handling The Two Aspects Of Opting Out

There are two ways companies need to approach implementing the CCPA opt-out of sale requirement.

#1: Technology 

You must address the technology you’re using to gather and perform the opt-out of sale. Affecting both identified and unidentified website users, your technology needs to allow for consumers to refuse personal data sales to third-party vendors used to target advertising at them online.

Technology must be able to analyze and scan your current website, extensions, and plugins to evaluate specs against current legal parameters for websites.

Technology also needs to support a global policy using country and state geotargeting. Displaying geo-targeted cookies consent messages only when it applies to location-specific users represents a huge win.

#2 – Displaying the Opt-Out

The opt-out of sale requirement needs to be an obvious feature on your website. A “Do Not Sell My Personal Information” link or button is required under the law. Make opt-out requests easy and user-friendly by having a secure web form online or a link to a secure site that specializes in processing this data.

The sure-fire way to remain in the boundaries of the law is to stay abreast of the constant changes in the law and following the simple formula: Inform consumers, respect their sharing preferences, and follow the rules of compliance.

Recovering From Non-Compliance

The CCPA mandates that to stay in compliance, companies must respond to all requests to access, delete, and correct personal data. The California government has an online complaint form for dissatisfied consumers to utilize in the event they want to launch a grievance on the record.

Maintaining good business practices takes a lot of work, but with proper processes in place and a dedicated internal compliance team, it becomes second nature. To learn more about the CCPA’s Opt-Out of Sale Requirement and ensure your organization is on the right track to CCPA compliance, get your copy of this free eBook.

To learn more about how OneTrust can help meet CCPA compliance, visit OneTrust for CCPA or request a demo today.