Is your website CCPA compliant? Wondering what CCPA is? Keep reading to know more…
Google Analytics is one of the most popular analytics tool used by millions of website owners all around the world to analyze their website’s performance and user behavior. But the way it collects data about your visitors can get you in trouble if it doesn’t meet CCPA compliance
In this article we will tell you how to make sure that your Google Analytics is CCPA compliant and also do a deep dive on what exactly is CCPA and why it is so important to have CCPA Compliance
What is the CCPA law and what is it’s importance?
The California Consumer Privacy Act (CCPA) is a state-wide data privacy law that regulates how business owners all around the world are handling user’s personal data of California residents.
The law went into effect on 1st January 2020, and is enforceable from July 1, 2020
The CCPA law aims at protecting the privacy of the users from California. This law calls for more transparency from the organizations on what information is been collected, how it is used and with whom is the data shared.
Below we have mentioned some of the rights that California users have under the CCPA law
Right to be informed about the usage of data – Users should be informed about how their personal information is been collected, shared or used by a website
Right to have data deleted – The citizens of California have the right to get their data erased from the website
Right to see the data been collected – The user has the right to see what data of theirs is been collected by the website. This includes data that has been collected in the past 12 months
Right to Equal Services Pricing – The website owners shouldn’t discriminate amongst the users who have exercised these rights and the users should be given the same price as other consumers without discriminating
Right to opt-out – If a user wishes to opt-out from websites collecting personal data they can do so
You need to configure your Google Analytics in such a way that it is compliant with CCPA. We are going to discuss this in the second half of the article
Now you must be scratching your head wondering if the CCPA law is applicable to you or is your website CCPA compliant? Let’s dive deeper into the details
Who All Need to Comply with CCPA?
CCPA isn’t applicable to everyone unlike GDPR. If your business falls under the below category or meets the following conditions then you have to comply with CCPA.
– You buy receive or sell information of 50,000 or more customers, household or devices
– If your 50% or more of annual revenue is generated by selling consumer’s personal information
– Your Gross annual revenue is $25 million or higher
Is their any penalty if one is not CCPA Compliant?
You must be wondering what would happen if you are not CCPA compliant. What are the penalties if you are not CCPA compliant? Let’s check out all of that in detail below
If you are found to violate the CCPA law intentionally you could face penalties upto $7500 per violation per individual.
And in case a user files a lawsuit, fines can range between $100 to $750 per consumer per incident, or the actual damage (whichever is greater).
This law is specifically against selling or sharing a user’s personal information in exchange of money or something of equivalent value
Now you must be wondering what does CCPA have to do with Google Analytics and why you should even be bothered about it
As we sated above, Google Analytics is one of the most popular analytics tool used by website owners all around the world for tracking their website performance and user behavior. But in order to get this data, Google Analytics collects User ID, IP addresses, age, gender and other demographics which come under the category of personal information of a user. This comes under the explanation of CCPA’s explanation of personal information of a user
What do we do then, should we stop using Google Analytics altogether?
Not using Google Analytics would be an extreme step. If you don’t use Google Analytics you won’t get an idea of what your users are doing on your site, how many visitors came to your site on a particular day, for how long they stayed on your website and much more. You will be missing out on all of these details if you decide to drop Google Analytics from your process.
A simple solution is to make few changes by making use of the EU Compliance addon (explained in the next steps) to make changes so that you are compliant with CCPA.
Now that we have got good amount of info about CCPA law let’s go ahead and understand how to make Google Analytics CCPA Compliant
How to Make Google Analytics CCPA Compliant
We are going to make use of a WordPress plugin called Monsterinsights and a EU Compliance addon in order to make Google Analytics CCPA compliant
So if you haven’t bought the Monsterinsights Pro license then you should get it by clicking on the button below before we proceed further.
Assuming that you have already bought the Monsterinsights Pro license let’s proceed ahead with the next steps
Step 1: Install and Activate the Monsterinsights Plugin
Once you have done the above step then login to your Monsterinsights account and go to the downloads section, there you will see a button “Download Monsterinsights”
Once you click on the “Download Monsterinsights” button a ZIP file will be downloaded (might be downloaded to your computer). We would need this in the next steps
Now navigate to your WordPress dashboard and click on Plugins→ Add New
Once you click on “Add New” you will come across “Add Plugin [Upload Plugin]” option
Once you click on Upload Plugin you will get an option as shown in the below screenshot.
Now you have to upload the ZIP file which you had downloaded to your computer. Once you have chosen the ZIP file then click on “Install Now”
Once you click on “Install Now” then you should Activate the plugin. Once you have activated the plugin you will have to enter the license key which you can find under Downloads when you login to your Monsterinsights account. Refer to the below given screenshot.
Step 2: Paste the License Key
Once you have found the License Key you will copy it and paste it inside the space provided for License key. Let us see how you can do that.
Navigate to your WordPress dashboard and navigate to the “Insights” section. Now click on Insights–> Settings (You can refer to the below screenshot to understand this step better)
Once you click on Settings you will come across a box wherein you have to enter the LIcense Key (refer to the below screenshot)
In order to be compliant with CCPA law you will have to install the EU Compliance Addon which is offered in Monsterinsights’s Pro License.
Step 2: Install the EU Compliance Addon Inside Monsterinsights
By making use of the EU Compliance addon you can disable personal data tracking in Google Analytics at the click of a button. The addon helps you automate the various processes needed to be compliant with CCPA
You can disable the Demographics and interest reports for advertising (Google Ads) remarketing tracking
In order to Install the EU Compliance addon follow the below given steps
Go to Insights –> Addons
Once you click on Addons you will come across a list of all the addons inside Monsterinsights. Keep scrolling until you find the addon by the name “EU Compliance”. Once you come across the EU Compliance Addon click on Install
Once the addon is activated we will configure the EU Compliance settings. Follow the below given steps in order to configure the settings
Go to Insights –> Settings –> Engagement
Once you click on the Engagement tab scroll down until you come across EU Compliance section
Now you can change the settings and disable different tracking features so as to comply with CCPA
Step 3: Create an Opt-out consent box
As we discussed above one of the rights of the user under the CCPA law is that they can opt-out from websites sharing their data with third-parties. So our next step is to create an opt-out consent box
In order to create an opt-out consent box we are going to make use of the WordPress plugin called CookieBot or Cookie Notice. Both these plugins offer in-built feature which makes it easy to create opt-out consent box and integrate with Monsterinsights as well.
Not only that these plugins also creates a DO NOT Sell my Personal Information document which you can link to in order to make it compliant with CCPA
CookieBot creates a cookie declaration link which you can add to your website
In addition to this you should also include details on if you are using cookies to track user’s information. Last but not the least, you have to outline the process the users have to follow in case they want to see what data has been stored and get it deleted if they want (note that both these rights are covered under the CCPA law)
To conclude, if you are a business that falls into one of the categories mentioned in the article then it is of utmost importance that you follow all the above given steps and make your website & Google Analytics CCPA compliant.
You can make use of EU Compliance Addon inside Monsterinsights plugin to make your Google Analytics CCPA compliant
We hope you enjoyed reading the article as much as we enjoyed compiling the article for you.