Two months into 2020, and there isn’t much convergence between firms on California’s new year’s gift to itself, CCPA, or the California Consumer Privacy Act.

Under this act, Californian residents have the right to see all the info companies have on them, how they gather, mine, and apply personal data, access it, delete it, opt-out of third party transfers, and still avail the same service as someone not exercising their rights under the act. This encompasses even the most private categorizations an organization may use.

It should come as no surprise that California, the internet’s epicenter, is the place of the act’s origin, given how it’s savvy residents are the subjects of targeted data breaches. Although, it’s worth noting that the law is still comparatively lax to its first incarnation.

Let’s dive in to see what ‘Don’t sell my info’ really means.

Consensus - Arriving at Interpretations of Selling Data

Still a work-in-progress, so far, no one agrees as to what qualifies as selling personal data. Forums are rife with deliberation as companies are left to wrangle with the new law. Although the variations in remedial measures taken by firms form this point on, would serve as reflections of how they see the spirit of the law.

Of course, it would also serve as an opportunity for Big Tech to put the money where the mouth is.

“Should I worry?”

Who does this apply to?

Simply put, if you’re a business that uses data from Californian residents but also

  • Grosses 25M in earnings, or
  • Gets more than half its revenue in data sales
  • Handles over 50,000 personal Records from devices, households, or consumers directly, then the law applies(Check CCPA Section 1798.140).

The best and worst of it.

All things considered, the worst thing that could come out of this is a never-ending compliance process. The best thing to come out of this is for Compliance to take off as an industry. You should find at least some relief knowing you can delegate major portions of data wipes to third party apps. The bad news is, it should take a while for these capabilities to mature and come baked into platforms.

Till then, it’s advisable to chalk out a clear ‘house-approach’ to privacy regulations, so you don’t leave anything to chance.

Also, if you haven’t already, you’ll need to bifurcate data based on the channels used for collection to account for restrictions on process, retention, and consent. On the bright side, this should also double up for easy segmentation.

Penalties

Because why else would you expect Silicon Valley to fall in line?

On their part, for companies to avoid a penalty, they need to take provably adequate measures to protect data. For size, they’ll need to practice controlled access on a need-to-know basis only. They’ll even need to update access regularly.

If you’re a business operating in multiple countries, you also need to tag data for separate legislations and track for varying retention requirements.

That’s unless you can shell out to the tune of 2500-7500 dollars per user in a month’s notice, besides taking a dent to your brand’s reputation.

So for what it’s worth, we’ll leave you with a list of to consider for socially responsible or, at least, compliant use of your Salesforce instance.

Implementation considerations

  • It goes without saying, among the first steps is comprehensive indexing and tracking of data across the organization.
  • You may need to review how you process data if you deal with Californian or even American data directly, even if you’ve just gotten over with GDPR.
  • Also remember that platform privacy tools cover your Salesforce instances, not processes your firm puts data through internally.
  • Besides location and you’ll need compliance on all 4 fronts: Automation, Processing for Insights, Access, and Opt-outs. That roughly translates to de-identifying, exporting, and deleting.
  • For data where removal has been requested, you’ll need to locate not only relevant data but also all dependent Objects and Records to make sure no Dashboards, Reports, or visualizations querying the data break. Going in unprepared would hurt doubly, both from a penalty, as well as an operations standpoint.
  • Equally, any automation for data requests must also be air-tight to allow only clearly identifiable individuals to download data that belongs to them, but no more.

No Data Found.

Share This Blog
Related Articles
Salesforce AI Adoption_ Proven Strategies to Overcome AI Implementation Challenges
Salesforce AI Adoption: Proven Strategies to Overcome AI Implementation Challenges

AI is no longer a future concept inside the Salesforce ecosystem; it has become the operational layer behind sales, service, marketing, automation, and customer engagement. But while businesses are investing heavily in AI-powered CRM transformation, many organizations still struggle with one major challenge: successful Salesforce AI adoption. The problem is not access to AI tools. […]

Read More
Multi-Agent Architecture Will Define the Next Phase of Salesforce AI Innovation - Predictions Through 2030
Multi-Agent Architecture Will Define the Next Phase of Salesforce AI Innovation – Predictions Through 2030

Over the years, Salesforce hasn’t just grown, it has continuously reshaped itself, moving far beyond its early CRM identity into something much larger. From being just a CRM platform to becoming a full-scale enterprise ecosystem, every phase has been driven by a deeper layer of intelligence. Now, that next layer is Salesforce AI. Today’s generative […]

Read More
Salesforce Agentforce 360_ The Future of AI-Powered Customer Service
Salesforce Agentforce 360: The Future of AI-Powered Customer Service

Customer service is changing very fast now, and businesses are slowly moving beyond basic chatbots and automated replies. Companies want systems that can actually understand context, respond intelligently, and help teams solve customer issues faster without creating more manual work. That is exactly where Salesforce Agentforce 360 is getting attention across the Salesforce ecosystem. Instead […]

Read More
Why is Salesforce partnering with the biggest names in AI_ Like Salesforce, Stripe, and OpenAI
Salesforce AI Partnerships Explained: OpenAI, Stripe & the Future of Automation

Something interesting is happening in the CRM world right now, and it’s not just about adding AI features. Salesforce isn’t trying to build everything alone anymore. Instead, it’s partnering with some of the most powerful AI and cloud players like OpenAI, Stripe, Anthropic, and NVIDIA. This shift signals something much bigger than integrations. It’s about […]

Read More
Sales Cloud Latest Updates_ What’s New in Salesforce Cloud and Why It Matters for Your Business
Sales Cloud Latest Updates: What’s New in Salesforce Cloud and Why It Matters for Your Business

If you’ve been using Salesforce Cloud, you already know one thing, it never stays the same for long. Every new release brings changes that directly impact how sales teams work on a daily basis. The latest updates in Salesforce Cloud Services, especially around Sales Cloud that now known as Agentforce Sales, are not just minor […]

Read More
Salesforce & Google Cloud AI Agents_ Powering Cross-Platform Automation with Deep Context
Salesforce & Google Cloud AI Agents: Powering Cross-Platform Automation with Deep Context

Something fundamental has shifted in enterprise automation. It’s no longer about connecting tools; it’s about enabling systems to think, decide, and act across platforms. The collaboration between Salesforce and Google Cloud is driving this shift through AI agents that operate with deep context and execute end-to-end workflows. This blog breaks down how Salesforce Google Cloud […]

Read More
Our Location worldwide
Indian Flag India
3rd Floor, A-10, Pegasus Tower, Sector 68, Noida, Uttar Pradesh 201301 +91-1203239658
United States of America Flag USA
333 West Brown Deer Road Unit G – 366 Milwaukee WI, USA 53217 +1(262) 310-7818
United Kingdom Flag UK
7 Bell Yard, London, WC2A 2JR +44 20 3239 9428
Canada Canada
HIC Global Solutions INC
6D - 7398 Yonge St #1124 Thornhill, ON L4J 8J2 Canada +1(262) 310-7818