Google Analytics is a vital tool when running a website. The reason is that it helps track various things on a site and understand the user’s behavior. Millions of websites around the world use this tool. The problem comes in when your Google Analytics fails to comply with CCPA. You can get into trouble since Google Analytics collects your visitors’ data, and this may violate the user’s rights to privacy.
This post will explain to you how to confirm if your GA complies with CCPA.
Table of Contents
What is CCPA?
California Consumer Privacy Act (CCPA) refers to a detailed law in the United States that protects data. The law took effect on January 1, 2020, and enforced on July 1, 2020. The law is to protect the right of privacy of the people of California. CCPA observes how data firms and sites obtain personal info online and whom they share it with. Under CCPA, the residents of California have these rights:
Right to be Informed – A user needs to know how a data firm or a website gathers, discloses or shares personal Data
Right to have Data Deleted – A citizen has all the rights to have his or her info removed from a website
Right to See What Data – A person is allowed to see which data about him or she was gathered in the last 12 months.
Right to Equal Services and Price – No person in California should be sidelined by a website when practicing this right and should be given a fair price and services as others
Right to Opt-Out – A person has a right to opt-out a website renting, releasing, or selling his or her personal info to third parties.
With this info, I am sure that you are now asking yourself if this new law applies to your website.
Who needs to comply with CCPA?
CCPA does not apply to all compared to GDPR (a European data privacy law). Below is a list of terms that your website needs to meet first before it complies with this law:
- The site needs to have $25 million or higher annual gross revenue
- 50% of your annual income should come from selling personal data
- Your site should sell, buy, or receive personal data of 50,000 devices, consumers, or households
If your website doesn’t comply with CCPA, what happens to it? You stand to part with $7,500 if you are found to intentionally violate this law. This will apply to each person or violation. If you broke this law without knowing, then you are going to end up paying up to $2,000 per individual per violation. Fines may range from $100 to $750 per consumer per incident. This is when a client files a lawsuit against your firm. This also applies to the actual damage.
Also, you can read How to Set Up Author Tracking On Your WordPress Site by MonsterInsights
Does Google Analytics need to comply with CCPA?
It is a good thing that you now know what CCPA is and if your business needs to comply with it or not. The next thing we need to look at is how Google Analytics relates to this law. GA is a good tool when it comes to knowing how your visitors engage with your website. The tool does this by assigning users a UserID. By doing so, it records personal info such as gender, IP address, age, device, and other details that are used to identify a person.
This makes GA a subject to CCPA since it gathers personal info. This does not mean that this tool is bad and that you should disable it on your website. This is an extreme measure since you need its services to make most of the decisions in your company. If you are not going to use GA on your site, you will be forced to guess what your clients want, which is a risky affair. The better thing to do is to ensure GA complies with this law by making a few changes to it. You can easily do that in these ways:
Making Google Analytics Comply with CCPA
If you are in the dark on how you can make your GA comply with this new rule, here are three steps you need to follow to ensure that Google Analytics meets CCPA requirements.
Step 1: Installing MonsterInsights and its EU Compliance Addon
If you want to manage your GA very well, then you need the best Google Analytics plugin to help you do that. There is no other tool that does this well than MonsterInsights. To help you comply with CCPA, you need to install this GA tool and its EU Compliance addon. With the EU Compliance addon, you can automate several processes to comply with CCPA. One way of doing this is to disable personal data tracking in Google Analytics. Below is what the add-on can do for you:
- Disable UserID tracking
- Anonymize user’s IP address
- Author tracking can be disabled
- Disable demographics
- Disable interest reports for advertising
- Enable ga() compatibility mode
- Before tracking user data, you can allow AMP addon users to agree with the Google AMP consent box
- Make it easy for GA to integrate with Cookie Notice WordPress plugins and CookieBot
The addon is accessible by going to Insights » Addons» EU Compliance. Once you are there, just install and activate the addon.
When you are done with this, head over to Insights Insights » Settings » Engagement. Scroll down to EU Compliance and change the settings by and disabling tracking features. This will help you ensure that your GA complies with CCPA.
Step 2: Creating an Opt-Out Consent Box
The second step is to create an opt-out consent box once you are done setting up MonsterInsights and its EU Compliance addon. This is to allow users to opt-out of a website that shares their data with third parties when they want to. This is among the rights that users have in CCPA. Free WordPress plugins like Cookie Notice and CookieBot offer you simple ways of creating an opt-out consent box. Since these two tools can easily connect with this plugin, they both have in-built options to set up an opt-out consent box. With CookieBot, you can scan your site and create a cookie declaration link and place it on your website. That is not all as it also allows you to create a Do Not Sell My Personal Information document. This document can be linked to your website to help you comply with CCPA.
See More:- How to Easily Track Events in WordPress with Google Analytics
Step 3: Keeping Your Privacy Policy Updated
You will also need to update your privacy policy once you have added an opt-out consent box on your website. This is crucial since one of the rules under CCPA in California is the right to information. The first thing you need to do is inform your users that your website uses Google Analytics. The second thing is to tell them what kind of personal info you are going to gather with GA. The third thing is to inform the purpose of the Data you are going to get from them. This includes how you are going to use it and whether you are going to share it with third parties.
Also included in the updated privacy policy are details of the various tracing cookies you are going to use to track user info in your site. And finally, you have to tell the user the process that they need to follow to view their stored data, and what they can do to delete their stored data.
Final thought
To avoid lawsuits if you are running a website that uses Google Analytics to gather personal data, you need to ensure that your GA complies with CCPA. This law was enforced by law on July 1, 2020, and all businesses in California have to adhere to these rules to protect the privacy rights of their consumers. By installing MonsterInsights on your site, you stand a better chance to comply with CCPA when using GA to collect personal data. You can do this using its EU Compliance addon that allows you to disable tracking in GA. We believe that this article on how to ensure your Google Analytics complies with CCPA was useful to you, and you can do that to your site now!
Here are a few more topics that you shouldn’t miss:
5 Best Google Analytics Plugins for WordPress in 2018
Analitify Review: Google Analytics Plugin for WordPress
How To Create WordPress Multi Page Form [Step-by-Step with Pics
Like this post? Don’t forget to share
No comment yet, add your voice below!