Skip to content
CCG Insights

Insight

  • Insight

California and Europe Privacy Regs Pressure FIs and Finserv Organizations

Fintech Is Vital to the Future of Banking, Regulators Agree

California and Europe Privacy Regs Pressure FIs and Finserv OrganizationsOn June 28, the California’s legislature swiftly introduced and passed the California Consumer Privacy Act of 2018, which provides new rights to consumers, and aims to bring more transparency to business using personal data.

The law, AB 375, gives consumers the right to ask businesses for the types and categories of individual data collected. It also requires businesses to divulge the purpose for amassing or selling the information as well as the identity of third-party organizations receiving the data. Consumers can also request the deletion of information and instigate civil action if they think an organization neglected to protect their personal data.

“California has taken the lead,” states Karen Dhillon of CCG Catalyst. “It is only a matter of time until we likely see other states follow statutes similar to AB 375 to protect Consumer Privacy rights.” 

The CCPA applies to banks, credit unions, savings and loans, credit card companies, insurance companies and other financial service companies; and allows consumers to put limits on what financial companies can do with personal financial information.

“AB 375 responds to the recent data breaches that have affected millions of people – those experienced by Target, Equifax, Cambridge Analytica, and many more,” Assembly member Ed Chau and the other co-authors of the bill said in a press release. “The collection of our information combined with data breaches has raised concerns from internet users worldwide.”

CCPA also touches on children’s data. Specifically, AB 375 prohibits the sale of personal data for individuals between the ages of 13 and 16 years unless they specifically opt in. For anybody under the age of 13, a parent or guardian must provide consent.

Damages range from $100 to $750 per consumer incident, or based on “actual damages, whichever is greater,” AB 375 stated.

Despite the passage of AB 375, however, it is not yet a done deal. Amending the law is possible prior to it’s going into effect until Jan. 1, 2020.

There are indications the tech industry is not going to back off trying to amend or tone down CCPA. The Internet Association, composed of Amazon, Facebook, Google, Uber and many other billion-dollar technology firms, dubbed AB 375 a “last-minute” deal that needs modification. 

“Given the recent data breaches affecting consumers globally, financial institutions are prioritizing the framework of requirements to protect their clients,” said Dhillon.

Parts of AB 375 look a lot like Europe’s General Data Protection Regulation. Many U.S. firms, including banks and other financial institutions and financial service organizations, that do business with European Union customers and citizens/residents now need to deal with the EU’s GDPR, effective May 25, 2018.

The GDPR rules over data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside and ensures there is a single set of criteria to protect individuals and help companies understand compliance issues when it comes to personally identifiable information.

GDPR not only went into effect across all 28 EU nations but the United Kingdom plans to adopt the same standards as well despite Brexit.

The fines for not complying with GDPR are up to 20 million Euros (about $23.5 million) per violation or up to 4% of the organization’s annual revenue, whichever is higher. In a breach scenario, the fines per breach per person are 10 million Euros (about $11.8 million) or up to 2% of the financial institution’s revenue.

European regulators’ scrutiny of companies such as Google and Facebook and increasing worries over the buying and selling of people’s personally identifiable information, in part, drove passage of GDPR.

You Might Like These, Too

Capital One’s Andrew Nash Sees the Industry’s Focus – At Last – Turn to Identity

Capital One’s Andrew Nash Sees the Industry’s Focus – At Last – Turn to Identity

Consumers Are Ready for Biometrics

Consumers Are Ready for Biometrics

Gig Economy Workers Flock to Mobile Payments

Gig Economy Workers Flock to Mobile Payments

Mobile Payments Will Rule POS in Ten Years’ Time, Experts Say

Mobile Payments Will Rule POS in Ten Years’ Time, Experts Say

Leaders in Bank Consulting

About CCG Catalyst
Latest Insights
CCG

PHOENIX • NEW YORK • LONDON • SINGAPORE

Phone: +1-480-744-2240  • Contact Us

© 2023 CCG CATALYST CONSULTING. Privacy Policy & Terms of Service.
Request a Call Back
Linkedin Twitter
Subscribe
to our Insights
Subscribe
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT
BANK
FINTECH
FUSION
  • About
  • Services
  • Insights
  • Fintech
  • Research
  • Team
  • Contact
  • Press
  • Careers
  • Events
  • RFI / RFP
  • Terms
  • Privacy
Linkedin Twitter Search
Subscribe for Insights

CCG INSIGHTS FOR BANKS, FINTECHS, AND CREDIT UNIONS

The Fed, Real-Time Payments, Alexa and Apple P2P, Part of Payment Revolution
  • Weekly digest of what's new
  • New research snapshots
  • Exclusive access to banking and fintech research
  • Industry news
  • Invitations to webinars and webcasts