Home Data-Driven Thinking Ignore No More: 3 Impending Privacy Changes You Need To Pay Attention To Right Now
OPINION: Data-Driven Thinking

Ignore No More: 3 Impending Privacy Changes You Need To Pay Attention To Right Now

By AdExchanger Guest Columnist

SHARE:
Ines Henrich, VP of sales planning and media strategy at Aki Technologies

Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Ines Henrich, VP of sales planning and media strategy at Aki Technologies, an Inmar Intelligence company.

When it comes to privacy legislation, denial often comes before compliance.

When GDPR went into effect back in 2018, some companies in the US simply ignored it, opting to shut down or limit operations in the EU instead of adjusting their data privacy practices.

But with privacy legislation in California (CPRA), Colorado (CPA) and Virginia (VCDPA) set to go into effect 2023, American businesses will have no choice but to accept and act.

How exactly does this trio build on the precedents that GDPR and CCPA have set? And what do companies need to do now to ensure compliance in 2023?

These laws will usher in an era of classification-based compliance, privacy assessments and restrictions to data sharing. Here’s how to prepare.

Understand the distinction between controller and processor 

The EU’s GDPR identified two classes of businesses dealing with customer data: controllers and processors. Controllers determine the purpose of processing data; processors process data on behalf of the controller but do not determine the purpose for processing.

Virginia’s and Colorado’s laws borrow the controller-processor distinction from the GDPR, forcing US businesses that operate in those states to reckon with that taxonomy. 

Most retailers and brands are considered controllers – and being a data controller under new legislation will come with new responsibilities. 

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Daily Roundup

Comic: The Showdown
OPINION: Daily News Roundup

Chrome Is Both Too Important And Too Unimportant; The Brand Collabos Are Getting Weird

One new hurdle to navigate? Data subject access requests. These requests are consumers’ way of invoking their rights to find out what data a company has collected from them and to delete or correct inaccuracies in that data.

Prepare for privacy impact assessments

The Colorado and Virginia laws introduce a requirement for data controllers known as a privacy impact assessment or data protection assessment. Conducting a PIA entails assessing the benefits of sensitive data processing for targeted advertising, customer profiling or other use cases relative to the risk data collection and usage pose to the consumer. 

Not sure if you’ll have to conduct PIAs? Data mapping holds the answer. Data mapping is the practice of detailing how data moves throughout an organization. It helps businesses ensure they know exactly what data they are storing, how they are storing it and where it is going in order to limit risk, provide transparency to end users and comply with regulatory requests.

If it sounds daunting, fear not. Mapping can be automated, taking some of the burden off of businesses.  

Adjust to data sharing restrictions

CCPA forced businesses to give consumers the right to opt out of sales of their data to third parties. But there was a lack of clarity about whether data sharing to facilitate targeted online ads constituted a sale and therefore required an opt-out opportunity. 

But with CPRA, there’s no gray area. 

The law explicitly defines “sharing” to include “cross-textual behavioral advertising” (or targeted advertising based on user behavior). This means the many brands that share data with ad tech providers to facilitate advertising will now need to develop opt-out capabilities for customers. 

Brands will need to clearly state what data they are sharing and give consumers the right to opt out of sharing with third parties. This shift could present a major challenge not only in operationalization and compliance, but also in its potential impact on marketing. Marketers will also want to make the best possible case to consumers for necessary data processing and sharing, explaining the value exchange customer data makes possible.

Complying with new privacy laws will require some legwork, but if companies get it right, they can transform privacy challenges into opportunities. Eliminating regulatory liabilities is a big win, but shoring up consumer trust will be the most important victory.

Follow Aki Technologies (@akiunlocks) and AdExchanger (@adexchanger) on Twitter.

Must Read

Comic: Gamechanger (Google lost the DOJ's search antitrust case)
Google antitrust

Judge Mehta’s Remedies For Google’s Search Monopoly Won’t Cure What Ails Publishers

Remedies in the federal search antitrust case against Google landed with a thud earlier this week. Most publishers and ad industry pundits were sorely disappointed.

Platforms

Conversion APIs Are Becoming Table Stakes – But Not All Brands Have Bought In

CAPI integrations have moved from a nice-to-have to a necessity for anyone operating within walled garden environments. Now they’re laying the groundwork for an outcomes-driven ad ecosystem.

Peppa Pig
Marketers

The Media And Retail Deals Behind The Peppa Pig Franchise Expansion

Peppa Pig is everywhere. Whether or not you have children, you likely know the little girl pig from the kid’s cartoon show. But the Peppa media franchise is just getting started.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
CTV

How A For-Profit College Is Using CTV Ads To Win Over New Students

The American College of Education partnered with performance TV company MNTN to better reach its audience of adults seeking higher education.

Platforms

Critics Say The Trade Desk Is Forcing Kokai Adoption, But Apparently It’s Up To Agencies

Is TTD forcing agencies to adopt the new Kokai interface despite claims they can still use the interface of their choice? Here’s what we were able to find out.

Commerce

Why Big Brand Price Increases Will Flatten Ad Budgets

Product prices and marketing budgets are flip sides of the same coin. But the phase-in effects of tariffs, combined with vicissitudes of global weather and commodity production, challenge that truism.

Popular

  1. Banner. Contemporary art collage. Two people holding hands and go up on colorful columns, graph as on career ladder. Concept of partnership, business acquisition, deal, cooperation, teamwork, contract
    ad tech M&A

    Roqad Acquires Zeotap’s Third-Party Data Arm To Get A Leg Up On Identity In Europe

    Roqad is buying Zeotap’s third-party data biz to boost its identity resolution capabilities, but also for access to key integrations with major ad platforms.

  2. Platforms

    Conversion APIs Are Becoming Table Stakes – But Not All Brands Have Bought In

    CAPI integrations have moved from a nice-to-have to a necessity for anyone operating within walled garden environments. Now they’re laying the groundwork for an outcomes-driven ad ecosystem.

  3. Privacy

    Comscore Debuts A Way To Turn Consumer Profile Data Into ID-Free Audiences

    Comscore’s new AI-based initiative allows data providers to convert ID-based datasets into ID-free audience segments, helping advertisers target audiences with improved accuracy and privacy.

  4. Ann Blinkhorn, Founder, Blinkhorn LLC
    OPINION: Data-Driven Thinking

    The 7 Traits Every Ad Tech Leader Needs To Thrive In The Age Of AI

    We spoke to a score of ad tech leaders to uncover seven competencies essential for the success of the next generation of ad tech leadership.

  5. Daily News Roundup

    Breaking Up Google is Hard To Do; Eyes On Epsilon

    Google’s search antitrust trial ends with a whimper; the pitfalls of agency-owned SSPs; Perplexity axes its ads business; and brands are still building big-ticket metaverse experiences.