Founder and Managing Shareholder
Today California’s groundbreaking consumer privacy law, known as the CCPA, is in full effect and the implementing regulations are nearly finalized. Now is therefore a good time to take a step back and consider whether your dealership is complying with the law in a way that makes good business sense.
Many dealers across the state have chosen to rely on their DMS or website vendors to provide their CCPA compliance. While these vendor efforts are certainly well-intended, they tend to fall short in several crucial areas of customer experience and legal compliance, for the same reasons: these approaches are not tailored to the individual dealerships they serve. Your store may be able to fly under the radar with a one-size-fits-all approach for a time, but the business case for personalizing your compliance is strong.
Improved customer experience
A less obvious example is on the back end. One of our clients found that CCPA requests sometimes came from unhappy customers and designed a response system that focused on the customer service aspect of the law. They have successfully combined legal compliance with customer relations and been able to improve relationships with customers.
A tailored CCPA compliance program will help you comply with the law while still providing a good experience to customers on your websites and in-stores. Instead of adopting the most conservative approach by default, tailoring it allows your manage legal risk and serve customers.
Limit legal risk
A tailored compliance program will at the very least accurately describe how your dealership actually uses customer data. It will therefore limit legal risk by allowing you to continue your data sharing in most circumstances confident that this collection and use has been adequately disclosed to the customer.
Prepare for the Future
Despite the fact the CCPA only went into effect this year, there are already major changes on the horizon. Proposition 24 qualified for the November ballot for this year and, if passed, would give consumers new rights under the CCPA and increase the enforcement.
Today most dealers will be able to avoid facing a major enforcement action even if their legal compliance is not stellar because the Attorney General’s office is responsible for enforcement. The CCPA bill did not provide the AG with new funding to enforce the law and the department dedicated to this in the AG’s office is lightly staffed.
Proposition 24 will change this. If passed it will fund a new state agency dedicated to enforcing consumer privacy rights. It therefore would steeply increase the risk for any business that is not fully compliant with the law.
Moving forward, the dealerships that have a tailored compliance program today will be light years ahead of dealerships that are relying on a one-size-fits-all approach. As any dealership that has gone through the process can tell you, compliance does not happen overnight and there will be bumps in the road. The worst time to do this work is when stakes are high and mistakes could be costly. Building a tailored, compliant program now puts dealers in the driver’s seat as the law changes and the legal risk increases.