Can You Stop Websites From Selling Personal Data?

April 19, 2024

picture of trendy people to accompany article about stop websites from selling personal dataCan you stop websites from selling personal data? These days, both personally and professionally, privacy is a big concern, and people are starting to ask questions about their data.

Who Can Get Your Info?

Businesses collect personal data, including user location, search history, and domain frequency. In some cases, critical information, like social security numbers, postal addresses, occupational information, and email addresses, are also captured. Primarily, companies use the data to craft personalized marketing experiences. Occasionally, it gets into the hands of scammers and fraudsters.

The landscape raises questions. For example, can consumers stop websites from selling personal data?

Enter the California Consumer Privacy Act

In 2020, California enacted the California Consumer Privacy Act, which gives users access to their digital data. Under the law, everyone can prohibit the sale of personal data and demand its deletion.

And even though it’s a California law, most websites, regardless of location, need to comply if they allow Californians access. According to the language of the law, the following parties are bound to it:

  1. All digital platforms, regardless of location, that allow Californians access to their sites, collect user data, and have gross annual revenues of more than $25 million.
  2. Companies, regardless of location, that buy and sell personal data of more than 50,000 consumers.
  3. Operations, regardless of location, that earn over half their profits from selling collected data.

To play it safe, if your website or app uses tracking cookies and allows access to California residents, comply with the new CPAA regulations.

Can You Stop Websites from Selling Personal Data Using the CPAA?

Under the CPAA, parties must implement certain protocols and procedures, which, when combined, can be used to effectively remove your information from certain websites and platforms.

  1. Most businesses must create a clear and easy link titled “Do Not Sell My Personal Information” that enables users to opt-out.
  2. In the event of a data breach, the CPAA allows affected parties to file class-actions and receive nominal material awards.
  3. Under the statute, California attorneys general can fine companies who violate the law.

Since the law is relatively new, businesses should consult a legal expert for compliance assistance.

Interested in other online privacy topics that affect small businesses? Click here.

Are you a journalist who’d like the perspective of a business consultant in the digital privacy space? Click here.