Californian lawmakers have passed a new data privacy law, The California Consumer Privacy Act of 2018, which is set to come into effect on 1 January 2020.
The new legislation could affect US-based retailers in a number of ways, from the way they handle marketing campaigns to how they deal with loyalty programmes.
California's Own GDPR?
In a text that's reminiscent of the EU's newly-implemented General Data Protection Regulation, the California legislation is designed to provide new protections for its residents.
For instance, it will allow citizens 'to request a business to disclose the categories and specific pieces of personal information that it collects about the consumer, the categories of sources from which that information is collected, the business purposes for collecting or selling the information, and the categories of third parties with which the information is shared.'
This is very similar to the GDPR's Article 15 'Right of access by the data subject' which grants consumers or 'data subjects' the right to 'obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data'.
Another new right in the Californian text bearing close resemblance to the GDPR is the right to 'request that a business delete any personal information about the consumer which the business has collected from the consumer'.
Combined, those two measures could already prove a headache for unprepared retailers in California, a state that has maintained a more protective legislation than Europe for a long time, according to the Irish Times.
But a particularly impactful piece of the new legislation, as French magazine LSA notes, is that it will prevent companies from discriminating against the consumer and providing 'a different quality of goods or services'.
This could mean that retailers can't operate VIP loyalty programmes, which could be perceived as a form of discrimination against certain customers.
Retail Advantage
However, this new situation could prove to be an opportunity for European retailers that had to devise a data policy in the last year in preparation for GDPR, a significant task as explained to ESM in early 2018 by Mark Beresford, head of retailer payments practice at Edgar, Dunn & Company.
Although the GDPR encompasses not only European companies but all firms that do business in the EU, California's new legislation could prove hard to implement for companies that have only had to deal with data protection regulation in the US and have not already dedicated resources to devise an overhaul of their data policy.
© 2018 European Supermarket Magazine – your source for the latest retail news. Article by Matthieu Chassain. Click subscribe to sign up to ESM: European Supermarket Magazine.