Home Data-Driven Thinking California’s Privacy Law: A Raw Deal For The Advertising Industry

California’s Privacy Law: A Raw Deal For The Advertising Industry


Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Tiffany Morris, vice president of global privacy at Lotame.

The California Legislature passed privacy regulation AB 375 in June. Media coverage has rightly characterized AB 375 as the equivalent of the General Data Protection Regulation (GDPR) for the American market. While GDPR is anchored in the European idea that individual privacy is a fundamental human right, the policy motivations of the California law are unclear.

The California law rests on two false and contradictory assumptions. The first is that the use of personal data by companies for marketing and analytics is inherently harmful to consumers. And second, that the consumer has the ability to accurately determine, and harness, the economic value attributable to a company’s use of personal data.

On the first point, Section 1798.125(a)(1) of the California law states that a business cannot offer preferential pricing or rates for goods or services (including discounts) to a consumer that shares his or her data. This provision would seem to prohibit the paid advertising model that fuels nearly all digital content distribution. From the perspective of the California Legislature, the exchange of data is so risky that the consumer is prevented from sharing data – even when that exchange creates a monetary or financial benefit for the consumer. 

Few American laws place such austere limits on free enterprise. California itself is a state that has always championed innovation and choice – even where there is risk of harm to consumers. For example, it’s one of only a handful of states to have passed an assisted suicide law that permits terminally ill patients to obtain life-ending medication. And earlier this year, the 9th US Circuit Court of Appeals reviewed the constitutionality of the state’s anti-prostitution statutes. During the San Francisco hearing on the regulation of prostitution by the state, one of the judges asked, “Why should it be illegal to sell something that it’s legal to give away?”

One could pose the same question to California lawmakers about consumer data, as there seems to be an illogical presumption that providing data to companies for marketing purposes creates a special kind of jeopardy for privacy. Yet consumers give away personal data every day – to banks, credit card companies, gyms, community centers, grocery stores and even automated toll takers.

There is less scrutiny for those categories, likely because the data is required for the related transactions to function properly. The use of data for marketing and media also serves a legitimate interest, but it seems to be viewed as inherently reckless by regulators, legislators and privacy vigilantes.

Despite what lawmakers say, however, consumers are increasingly willing to share their personal data with a brand in exchange for promotions, discounts and deals. Why? Because for many, if not most, consumers, the value they receive significantly outweighs the potential privacy and security risks ­– particularly in the context of ad-supported content.

Every day, consumers use this balancing test to weigh the risks of sharing data in exchange for perceived benefits. The California Legislature seems to acknowledge, with Section 1798.125(b), that a total ban on data sharing for profit is undesirable to both consumers and companies. The provision goes on to state that a business is in fact permitted to charge a consumer a different price or rate, but only if that difference is reasonably related to the value provided to the consumer by the consumer’s data.

Consumer protection statutes typically mitigate harm by requiring companies to educate consumers about the risks of a particular action. Tobacco, alcohol and firearm regulations are consummate examples of this type of policymaking.


AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

In contrast, the California statute protects the consumer’s ability to profit from a particular action. Returning to our prostitution analogy, imagine a law that legalizes prostitution – but only if the economic gain to the prostitute sufficiently outweighs the risks of sexually transmitted diseases, violence, etc. Who makes that determination? Few, if any, American laws mandate the terms under which companies or consumers transact business because it undercuts the very essence of American capitalism.

Further, this approach completely ignores the fact that consumer data is valuable precisely because it is big data. The individual data provided by a consumer to a company for marketing purposes is not particularly valuable on its own. It only becomes valuable when aggregated and combined with other data points – a process invented and revolutionized over the past 15 years by technology providers.

To be effective, a piece of legislation should reflect and promote underlying policy. In the case of AB 375, the policy motivations are not clear. Is the law trying to protect consumers from the privacy risks of big data and automated decision-making? Or are we trying to transfer the economic value of big data from companies to consumers?

The first is a European principle; the second, a uniquely American perspective.

More importantly, the two concepts are at odds – philosophically, and even within the actual text of AB 375. Until the policy goals are made clear and enabled by the law, it cannot serve the interests of either party.

Follow Lotame (@Lotame) and AdExchanger (@adexchanger) on Twitter.

Must Read

Advertible Makes Its Case To SSPs For Running Native Channel Extensions

Companies like TripleLift that created the programmatic native category are now in their awkward tween years. Cue Advertible, a “native-as-a-service” programmatic vendor, as put by co-founder and CEO Tom Anderson.

Mozilla acquires Anonym

Mozilla Acquires Anonym, A Privacy Tech Startup Founded By Two Top Former Meta Execs

Two years after leaving Meta to launch their own privacy-focused ad measurement startup in 2022, Graham Mudd and Brad Smallwood have sold their company to Mozilla.

Nope, We Haven’t Hit Peak Retail Media Yet

The move from in-store to digital shopper marketing continues, as United Airlines, Costco, PayPal, Chase and Expedia make new retail media plays. Plus: what the DSP Madhive saw in advertising sales software company Frequence.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Comic: Ad-ception

The New York Times And Instacart Integrate For Shoppable Recipes

The New York Times and Instacart are partnering for shoppable recipe videos.

Experian Enters The Third-Party Data Onboarding Business

Experian entered the third-party data onboarder market on Tuesday with a new product based on its Tapad acquisition.

Albertsons Takes Its First Steps Into Non-Endemic Advertising, Retail Media’s Next Frontier

Albertsons is taking that first step into non-endemic advertising next week via a partnership with Rokt to serve ads to people who have already purchased groceries.