Feb 22 2019

Much has been made of California Governor Gavin Newsom’s recent endorsement of “data dividends”: payments to consumers for the use of their personal data. Common Sense Media, which helped pass the CCPA last year, plans to propose legislation in California to create such a dividend. The proposal has already proven popular with the public; one recent poll showed 45% of California voters support the idea while only 28% are opposed.

While this proposal has been treated like an unwelcome after-shock following last year’s CCPA earthquake, perhaps it should not have been such a surprise to the denizens of the digital economy. After all, contained in the CCPA’s “Right to Nondiscrimination” provisions is a clear and explicit endorsement of “pay to play” arrangements between data collectors and consumers. Section 1798.125 b. of the CCPA provides:

  1. A business may offer financial incentives, including payments to consumers as compensation, [emphasis added] for the collection of personal information, the sale of personal information, or the deletion of personal information. A business may also offer a different price, rate, level, or quality of goods or services to the consumer if that price or difference is directly related to the value provided to the consumer by the consumer’s data.
  2. A business that offers any financial incentives pursuant to subdivision (a), shall notify consumers of the financial incentives pursuant to Section 1798.135.
  3. A business may enter a consumer into a financial incentive program only if the consumer gives the business prior opt-in consent pursuant to Section 1798.135 which clearly describes the material terms of the financial incentive program, and which may be revoked by the consumer at any time.
  4. A business shall not use financial incentive practices that are unjust, unreasonable, coercive, or usurious in nature.

While the CCPA explicitly declares consumer waivers to be against the public policy of the State and hence unenforceable, it looks with approval on voluntary, informed “pay-to-play” incentive plans. By allowing businesses to pay consumers for the privilege of using, selling and deleting personal information and offer different service levels based on access to consumer data, the CCPA diverges markedly from the GDPR. The GDPR holds that a company may not charge extra to anyone who chooses to exclude her data from collection. As a result, businesses subject to the GDPR are unable to differentiate on price between a person whose data is collected and one whose data is not.

With spring training in progress and Opening Day around the corner, a time-honored baseball aphorism suggests a strategy for progressive companies: “Go with the pitch.” Businesses with broad exposure to the CCPA and business models dependent on the collection and use of personal information could follow the State’s lead and include a consumer incentive in their terms of use in exchange for greater freedom to use consumers’ personal information. The cost of such incentives might be easily offset by increased freedom to use consumer data, ability to differentiate service levels based on access to those data, and reduced risk of enforcement. Not to mention the benefit of being seen as taking the high road and paying consumers for the “raw materials” of the services they desire. Companies with well-developed loyalty programs could easily tie in information incentives, offering consumers willing to part with more meaningful data more “points” or rewards than those opting out of providing data “related to the value provided to the consumer”.

Current terms of use would need to be amended to include the necessary consent under the CCPA and offer the information incentive program to consumers in accordance with the guidelines set out in the CCPA. For more information on the CCPA and financial incentives, please feel free to contact the authors.