Note: I am not a lawyer and this article should not be constituted as legal advice. It is your responsibility to ensure that your website follows all the laws in countries where your website operates and complies with the applicable policies as and when changes are made.
With that said, you should know how huge the data business is. Businesses spend millions and billions of dollars every year to get their hands on large amounts of data. It is because data is what helps them run their business. It helps them understand what people are looking for, predict the business future, and do a lot more things.
Data is like oil to the machinery and analytics is possible the biggest gear that helps it keep running. Data without analytics is like winning a lottery and not knowing how to use it.
There are many ways businesses collect data and Google Analytics is just one technique. Incidentally, it is also the largest and most popular tool almost everyone from a small blogger to a huge corporation uses to collect data and analytics about site visitors and app users. It allows them to track users no matter which device they are on.
For example, you might be logged into Google Chrome on your phone and search for the latest iPhone, click on a link to Amazon and continue the purchase later on a PC. It is still counted as the same even if it were broken down into different sessions.
Well, that’s a lot of thing to digest in one go for an introduction. Let’s jump into today’s article.
What is CCPA
According to Wikipedia, the California Consumer Privacy Act or the CCPA is a new age data protection law intended to enhance privacy rights and consumer protection for residents of California, United States.
With this law in place, every Californian has the right to know what personal data about them is being collected and processed, ask businesses not to sell their data, and ask them to delete the information.
This is somewhat like the GDPR but not very much. GDPR was more focused on giving the residents of the European countries their individual privacy back.
Who does CCPA apply to
Well, the CCPA does not apply to everyone. It only applies to entities that do business in California, collects consumers’ personal data, and satisfies at least one of the following conditions –
- Annual gross revenue greater than $25 million
- Engages in buying or selling the personal information of 50,000 or more consumers or households
- Earns more than 50% its annual revenue from selling consumers’ personal information
If you don’t comply with these rules, you could be penalized with a fine up to $7,500 for each intentional violation and $2,500 for each unintentional violation. That could easily add up to millions of dollars in fine alone along with other expenses and damages. Who wants to be the bad guy here? Definitely not you!
Is Google Analytics CCPA compliant
Well, Google Analytics is only a tool that helps you gather data and analytics. It is not intelligent and it definitely cannot treat people differently based on where they are from. It does just one thing and it’s very good at it – collects IP addresses, gender, age, device, and the other potentially personally identifiable information.
So, Google Analytics is not CCPA compliant out of the box. It is up to you, as a business owner to make sure it remains CCPA compliant.
How to make Google Analytics CCPA compliant
You can easily make your Google Analytics CCPA compliant by using MonsterInsights – a popular Google Analytics plugin for WordPress. Although it’s a free plugin, you need to be on their Plus or Pro plans to make use of this nifty little EU compliance add-on that they have got. It does all the heavy lifting for you and can make Google Analytics on your WordPress site more than halfway compliant. I highly recommend that you read my MonsterInsights review before buying it so that you can understand the added benefits it can bring to the table apart from making your WordPress site CCPA compliant.
You don’t need to break your head and hire a developer to set it up for you. You can do it on your own. Using the MonsterInsights EU Compliance addon, you can –
- Anonymize IP addresses
- Disable the demographics and interests reports for remarketing and advertising
- Disable UserID and author name tracking
- Integrate with the popular cookie consent WordPress plugins
- Get consent on AMP pages, and more
Step 1 – Install the MonsterInsights WordPress plugin and configure Google Analytics on your site, link to the tutorial.
Step 2 – Install and activate the EU Compliance Addon from the MonsterInsights Addons page.
Step 3 – Then, navigate to Insights –> Settings –> Engagement page from your WordPress dashboard and scroll down to the EU Compliance section. Everything should be configured out of the box for you. If not, you can make changes to them.
Step 4 – Now, using one of the popular cookie notice and consent plugins, create an opt-out consent form on your WordPress site so that your site visitors can choose to opt-out from sharing their data with you. We are doing this because it is mandated by the CCPA mandates. I recommend you to go with Cookie Notice for GDPR & CCPA. If you can’t create a Do Not Sell My Personal Information document on your site, you can use Cookiebot as it can create one for you.
With that said, we have come to the end of the article. I really hope you found this article useful. If you did, please consider sharing it on social media. Thanks!