Google will allow sites and apps to disable personalized ad serving across its ad products to help partners comply with the California Consumer Privacy Act (CCPA).
The CCPA goes into effect in less than six weeks.
Here’s how it works: Advertisers and publishers will be able to restrict how data is processed through Google Ads, App Campaigns and Google Analytics (both the regular version and Google Analytics for Firebase).
When they do, Google will act as a service provider, which means that data can only be used for certain limited business purposes, such as ad delivery, reporting and measurement, security and fraud detection, debugging and product feature optimization. But personalization will be off the table, Google explained Wednesday in a blog post.
If a publisher enables restricted data processing for certain users through AdSense, say, Google will disable ads personalization for those users on that publisher. Or if a publisher enables the feature for Google Ads, a user might not be added to a remarketing list.
But even when restricted data processing is enabled, there will be no change to how campaign measurement or conversion tracking functions.
In most cases, sites and apps must actively enable restricted data processing, otherwise third-party ad tracking and ad serving will continue as normal.
But there are two exceptions. Restricted data processing already applies by default for Customer Match (Google’s answer to Facebook’s Custom Audiences) and Store Sales, which advertisers use to connect offline transactions to ad clicks. No action is required by users of either product.
That said, if a publisher or advertiser has shared data from one Google product with another through a product integration or other means, such as a third-party partnership, that data will be subject to the terms of the product that receives the data. Simple, right?
It’s important to note that restricting data processing through Google is not akin to a full CCPA compliance strategy. Any protection provided by Google limiting data flow in certain circumstances does not apply to third-party tracking and serving vendors.
“You should ensure that you’ve taken all measures with respect to such third parties as required to meet your CCPA compliance needs,” Google warned in its post.
Advertisers, publishers and ad tech companies are scurrying to comply with the law before CCPA zero hour on Jan. 1, 2020.
Earlier this week, the IAB Tech Lab published technical specs for CCPA compliance, part of a larger framework that will include a standardized contract hosted by the IAB that lays out how publishers and their ad tech partners should interact in certain circumstances when sharing data in the RTB ecosystem. The contract piece of the framework will be released within the coming weeks.
Google has not signaled whether it’ll adopt the specs, although a spokesperson told AdExchanger that Google is assessing both parts of the framework and plans to provide additional info as soon as it can.