Cost of complying with GDPR, CCPA and CPRA

Ash DSouza • Nov 28, 2020

With the explosion of devices and channels, businesses are collecting a lot of consumer data from a multitude of data sources. Due to this, consumer data is present across the enterprise in various systems It is estimated that on average companies with fewer than 1000 employees run an average of 22 applications, with many of these containing consumer data.

Generally, this consumer data across systems is not resolved and integrated to build a comprehensive view of all the interactions a consumer is having with a business. For example, a consumer may have visited a business’s website from her laptop as well as from her mobile phone and may have made a purchase when visiting from laptop. Then may have called in to customer support. And may have written a review and interacted with a Facebook post. In the process, a company may have collected a lot of personal data about the consumer, but all this data is sitting in different enterprise systems.

With digital interactions, collection and sharing of personal data has become very easy. And this has caused privacy issues with users getting followed across the web with behavioral ads targeting, and massive data breaches. Most of the time data and advertising companies are collecting user data from user interactions across multiple companies and stitching that together to build behavioral profiles that then help with advertising. But most of such data collection is done without the consumers even knowing about it. This has caused privacy concerns across the world, especially with the realization that companies like Google and Facebook have a lot of data on a significant population across the world.

That’s where data privacy regulations e.g. GDPR, an EU-wide regulation and CCPA (California consumer privacy act and its newer version California Privacy Rights Act) comes in. But these privacy regulations don’t apply just to Google or Facebook but to almost all companies. 

These regulations provide some fundamental rights to consumer privacy; e.g. right to request data, right to request deletion of the data, right to opt-in/opt-out of data collection, right to modify data etc.

The issue with such consumer privacy rights is that while companies like Google and Facebook have a much better consumer data management strategy, the average companies don’t. To effectively comply with these consumer rights, a company would need to have an integrated consumer data store.

But the current data privacy solutions look at this problem as a regulatory chore rather than an opportunity for resolving consumer data across various silos and unifying the enterprise consumer data. So, the current solutions become a cost center for a company where the company implements a solution with very poor consumer experience just to comply with the letter of law.

For example, if a consumer goes to a retailer’s website and wants to know what all data the retailer has on her, she would need to shift through fine print to find a link to request that data, fill a form, and then wait for one to twelve weeks. In the meantime, the company creates multiple tasks associated to that request and assigns to multiple data owners in the organization to ensure data is searched and then some team will combine, clean and review the data before sending it to the requester. The current solutions in the market are trying to optimize this workflow, but none-the-less this remains a cost center and a distraction from the core business.

Gartner estimates that it costs a company on average $1400 to serve one consumer data access request. And in EU, companies have been getting between 30-240 requests per month as part of the GDPR compliance .

The consumer data privacy compliance problem has to be looked at from the lens of the spirit of the law; that the company has a complete view into a consumer’s data stored across the enterprise, and is proactive in managing consumers privacy.

This is where LayerFive comes in. LayerFive’s Compliance 360 platform solves the core problem of scattered consumer data across the enterprise first. LayerFive’s innovative identity resolution system resolves consumer’s identities across both online and offline data sources using AI and builds a comprehensive user profile.

LayerFive then makes a version of this user profile available to the end user for self-serve privacy as part of the logged-in user’s account management function.  This not only saves cost, cuts long and resource intensive workflows, but also improves consumer experience many folds, and improves brand trust.

LayerFive integrates with Shopify and Magento; two of the most widely used e-commerce platforms and makes the privacy profile available to the logged-in consumer of an e-commerce vendor.

LayerFive can integrate with hundreds of enterprise platforms that keep consumer data and makes the overall implementation of the privacy compliance a breeze.

Want to find out how LayerFive could help your company comply with CCPA/CPRA or GDPR? Contact us at learnmore@layerfive.com.

You might also like:

Google Pays $23 Million: How a CDP Can Help Prevent Future Breaches
By Ash DSouza 12 Jan, 2023
After a 12-year legal battle, Google has agreed to pay $23 million to settle a class action lawsuit brought by consumers who claimed that the company's search engine shared their queries with advertisers or other third parties without their permission. Originally filed in 2010, the lawsuit alleged that when a Google user clicked on a link in search results, the site shared the search terms entered with third parties, potentially revealing personal information about the searcher. According to the suit, advertisers pay Google to see what search terms led consumers to a particular page.
By Ash DSouza 11 Jan, 2023
As we head into 2023, retailers will need to be even more agile and responsive to the changing landscape to stay competitive and continue driving growth. This means adapting to shifting consumer preferences, new market conditions, and rising costs. One major challenge facing retailers is the shift toward e-commerce, which has accelerated rapidly during the pandemic. Online sales are projected to reach more than $31 trillion by 2025, taking an increasingly larger slice of total retail sales worldwide. To stay competitive in this environment, retailers need to offer seamless and convenient online shopping experiences and effectively leverage social media and influencer marketing to drive customer acquisition and retention.
Accelerate Your Business with Multi-Touch Attribution
By Ash DSouza 30 Dec, 2022
Multi-touch attribution is analyzing and attributing the credit for a sale or conversion to multiple touchpoints in the customer journey rather than just one touchpoint. This can be particularly useful for e-commerce businesses, as it helps marketers understand the effectiveness of different marketing channels and tactics in driving sales.
Share by: