California, preserve customer loyalty programs!
California
Consumer Privacy Act
to
take effect in January 2020
The
National Retail Federation (NRF) and the California Retailers Association (CRA)
asked state officials to preserve popular customer loyalty programs, protect
businesses from potentially ruinous financial penalties and address other
provisions of a new privacy law set to take effect next year that could
interfere with consumers’ expectations for customer service.
“Data
drives retail and the customer experience,” NRF Senior Vice President for
Government Affairs David French said. “Retailers are firmly on the side of
consumers and collectively spend billions of dollars each year to enact
policies and build systems to protect personal information. But we believe the
California law will have far-reaching effects that will interfere with
retailers’ ability to offer the customer service Californians demand.”
“Retailers
know that establishing long-term relationships with their customers requires
more than just providing merchandise at a price they can afford,” CRA President
Rachel Michelin said. “It requires maintaining consumers’ trust. We look
forward to engaging with the attorney general and the California legislature to
ensure that this law and its regulations strike the proper balance.”
NRF
and CRA submitted comments to Attorney General Xavier Becerra as the state
Department of Justice prepares to draft regulations for implementation of the
California Consumer Privacy Act. The law was passed last summer and is
scheduled to take effect in January 2020, places sweeping restrictions on how
retailers and other businesses can collect and use information about consumers.
The
letter emphasized that retailers gather data about consumers primarily to
better serve them, in sharp contrast to other industries that gather consumer
data primarily to monetize it by selling it to other businesses.
NRF
and CRA are concerned about non-discrimination provisions of the law including
a prohibition on retailers treating consumers who exercise privacy rights any
differently from those who do not, which could put an end to retail loyalty
programs that offer discounts to members.
“Virtually
all retail customers are willing to yield some personal data in exchange for
more personalized service or tangible benefits like discounts or instant
coupons,” French said. “The California privacy law, as currently written, will
end these popular and valuable benefits.”
The
new law may saddle businesses with penalties of between $100 and $750 per
consumer per data breach incident, resulting in “enormous and financially
ruinous damage awards without regard to the size of the business, the
circumstances of the breach or mitigating factors such as the good faith or
level of cooperation of the business,” NRF and CRA said in the letter to
Becerra.
Companies
that are breached are “not malicious or reckless bad actors but rather are the
victims of often highly sophisticated financial fraud and computer crimes,” the
letter said. While the law applies only to companies with locations in
California or doing business with Californians, NRF is concerned that it could
become a model for legislation in other states or in Congress.
Comments
Post a Comment