Latest Blog

The California Consumer Privacy Act, DSARs and the case for technology

3 February 2020 | Emily Foges

The European Union’s General Data Protection Regulation (GDPR) came into force in 2018, introducing major changes in the EU and EEA and setting the tone for a new era of data privacy. In January 2020, California has followed suit with the California Consumer Privacy Act (CCPA). Otherwise known as ‘America’s GDPR’, the CCPA imposes significant obligations on businesses for collecting, reviewing and producing data. With the inevitable rise of Data Subject Access Requests (DSARs), implementing an effective tech solution is crucial for business survival.

What exactly is the CCPA?

Similar to the GDPR, the CCPA outlines guidelines for organisations to provide transparency about how they are collecting, sharing and using an individual’s personal data. In the event of a data access request (DSAR), any company in the world that serves Californian consumers, has at least $25 million in annual revenue, or has a personal data of at least 50,000 people, must deliver all relevant information to the requestor within a 45-day window. The CCPA also allows individuals to sue companies if the act’s privacy guidelines are violated, even if there is no breach. More concerning for firms, in the event of non-compliance, organisations can be fined up to $7,500 per violation.

Manually trawling through millions of documents in order to find the relevant subject’s data is unfeasible for advisors. As well as being a drain on resources, the tight turnaround required under the CCPA makes this a near impossibility. With Gartner predicting that by 2021, 80% of the negative financial impact of the CCPA will stem from a failure to implement scalable processes to manage data requests (DSARs), adopting an easily deployable, cost-effective and efficient technology solution becomes all the more important. Using Luminance, advisors are empowered to stay abreast of a fast-changing data privacy landscape, confident that nothing has slipped through the cracks.

Future-proof your organisation with Luminance Discovery

Unlike legal technology vendors which require months of training before advisors can even see meaningful results, with the assistance of Luminance’s cutting-edge platform, lawyers can start their review immediately after document upload. Luminance’s core technology - LITE (Legal Inference Transformation Engine) - leverages a unique combination of supervised and unsupervised machine learning with pattern-finding algorithms to immediately analyse and cull huge volumes of documents in seconds. This provides lawyers with an unmatched insight into the data room, allowing them to drill down to the relevant information and re-direct their focus to more high-value analysis - essential for a DSAR. By adopting Luminance, advisors are empowered to complete data requests effectively, economically and rest assured that their legal obligations are kept in check.

Optimise DSARs

Relying on traditional methods to review huge volumes of documents for a DSAR is an incredibly burdensome task. Using legal technology empowers advisors to proactively comply with a changing privacy and consumer rights landscape, transforming a slow, costly process into something more efficient and more effective.