This year companies large and small dealt with managing the ever changing world of consumer consent. Facebook was fined $5 Billion1, Equifax was fined $700 Million2, and British Airways fined $230M3 all for mismanagement of consumer data. These fines have led to the realization that consent and data management can be a slippery slope.

As January 1, 2020 approaches companies are preparing themselves for the newest privacy regulation to go into place, the California Consumer Protection Act (CCPA). A huge part of CCPA is offering consumers the freedom to set preferences about which marketing companies would be able to advertise to them. And the ability to control what data can be sold to other advertisers.

A fantastic recent article from AdExchanger found here asks tough questions and highlights concepts that all companies need to be prepared for as CCPA goes into place. A common theme is how companies will be able to effectively communicate consumer preferences to their marketing vendors


As the world watches the California attorney general has made updates to how the state views CCPA. Below is an excerpt from the article:

“New in the draft regulations is a requirement that businesses that collect a California consumer’s personal information online must treat signals from “user-enabled privacy controls,” indicating consumers don’t want their personal information to be sold, as opt-out requests, otherwise known as “Do Not Sell” requests. These signals could come from a browser plug-in, privacy setting or any other user-enabled mechanism” 

In the latest update from the state attorney general explaining his comments further were:

“This is a completely new requirement absent from the statute itself. The California attorney general’s office explained in its Initial Statement of Reasons that this new addition was “intended to support innovation for privacy services that facilitate the exercise of consumer rights in furtherance of the purposes of the CCPA.” It said this was “necessary because, without it, businesses are likely to reject or ignore consumer tools.”

What this comment does give insight to is state is expecting new technologies such as RIVN to be in place so companies have the ability to respect user privacy preferences. All companies will need to adopt scalable technologies that lead to compliance.  

For digital marketers, finance, IT professionals and legal teams the greatest hurdle may be consent management and the “Right to Erasure/Deletion” itself. Contemporary organizations are searching for a module based solutions such as RIVN to step up to meet this need with an easy to use SaaS based single function that allows brands worldwide to meet business needs and be ready for what is next.

To learn more about regulations mentioned above please see the following links below: