Twilio Participates in CCPA Panel Discussion

Twilio Participates in CCPA Panel Discussion

Recently, I had the honor of speaking on a panel about the California Consumer Privacy Act (CCPA) with fellow senior privacy leaders at the Compliance Week’s West Conference here in my home city of San Francisco. It just happened to be an all women panel, just days after National Women’s Day! Compliance Week is a publication which has been around for more than 10 years and was initially started as a resource for those implementing Sarbanes Oxley compliance programs (SOX went into effect after the Enron scandal in the early 2000s). Since then, they have expanded their offering to focus on corporate governance and risk and compliance, including privacy compliance. As privacy is a growing field that compliance professionals should be knowledgeable in, Compliance Week decided to plan this conference on the west coast.

The panel that I participated in discussed the scope of the CCPA, how ambiguous the definitions are, and practical suggestions for compliance before the January 2020 deadline. We also provided practical guidance on how to operationalize CCPA compliance. I recommended that companies and organizations do even more than simply comply, but start to think about how to build a comprehensive privacy program using various privacy frameworks available.

Here at Twilio, we are currently performing a gap analysis between our current privacy program against the CCPA and will implement any required changes and update our privacy policy accordingly. As noted in our privacy policy, our approach towards privacy is “No Shenanigans,” which is one of our values. Considering we have binding corporate rules and a privacy program in place, Twilio is already at a good starting point. However, many companies didn’t have to comply with Europe’s General Data Protection Regulation (GDPR) and are just starting to think about how to put these obligations into place.

I’m also part of an informal privacy operations group and one of the challenges we will be discussing this month is about how peers and companies in the industry are operationalizing CCPA. It’s been a very busy few years for us privacy professionals and not going to be slowing down anytime soon!