Back to Blog

Webinar Recap: How to Manage CCPA Permission and Access Requests

  • - LiveRamp
  • 3 min read

Tim Geenen, GM, Privacy & Consumer Experiences, LiveRamp, and Justin Antonipillai, CEO, WireWheel, share how our joint solution works hand-in-hand to help you comply with opt-outs and data subject access requests.

The California Consumer Privacy Act (CCPA) takes effect in less than a month. If you’ve been preparing to comply with the law but remain flummoxed about what compliance actually entails, don’t worry—you’re not alone.

“I was at a client meeting last week and they said, ‘We’ve been doing this for 10 months now, but we still don’t know what we should actually do,” Tim Geenen, GM, Privacy & Consumer Experiences, LiveRamp, shared during our webinar, Preparing for the CCPA, part 2: How to Manage Permission and Access Requests. To bring clarity to a complex law and share how companies can use technology in their compliance strategies, he and Justin Antonipillai, CEO of WireWheel, explained our joint “easy button” for handling opt-outs and data subject access requests, two major tenets of the CCPA.

Here are a few takeaways from the webinar. If you identify with the client Tim met with, you may want to spend 30 minutes watching the full session.

Consumer choice influences how a web page or application is built

Tim shared that many third-party scripts inform the build, which occurs in the second or two it normally takes to load the content you’re after. This is something companies and consumers alike often misunderstand.

In giving consumers access and control over their data, LiveRamp Privacy Manager categorizes these third-party vendors on a per-purpose level so the consumer understands why a company may be collecting their data. This helps consumers make an informed decision—on page or in-app—about the data collection they are comfortable with, and therefore, communicates the value exchange for sharing their personal data in the process.

Prepare to handle requests at scale

There’s no telling how many requests for data subject access, correction, or deletion affected companies will receive after January 1, 2020. It could be hundreds, thousands, or even millions. The level of documentation and coordination required even for one data subject access request is significant, making it vital to use an automated solution, which LiveRamp and WireWheel provide.

A good example of this is deletion, which is when a consumer requests that their personal data be expunged from the company’s records. In the LiveRamp-WireWheel joint solution, this request can be automatically communicated to all of your downstream partners. Another example is fulfilling consumers’ “right to knowledge,” which requires companies to provide them with the types of personal data they’re collecting, processing, storing, or sharing. “All of these critical documents and records can be automated in terms of creation on WireWheel,” Justin explained.

CCPA applies to B2C and B2B companies

Lastly, just because the second C in CCPA stands for consumer doesn’t mean that B2B companies are exempt from the law. “If you buy or manage a large amount of consumer personal information,” Justin noted, the CCPA applies to your business. As this is a data strategy many B2C as well as B2B companies employ, all that purchase or manage personal information must be able to take opt-out and data subject access requests.

Have more questions about the CCPA? Be sure to register for our CCPA Ask Me Anything Webinar (AMA) on Wednesday, Dec. 11, 2019, from 12:00-12:30 pm PT/3:00-3:30 pm ET. You can only submit questions in the webinar interface, so you don’t want to miss it!