CCPA

Data brokers will need to process consumers data-deletion requests every 45 days starting August 1, 2026, or face heavy fines. 

With privacy under unprecedented attack by data brokers and social media, it is the wrong time to weaken CIPA’s private right of action protections, as has been proposed in California Senate Bill 690.

It’s not that people don’t care about their privacy – they do. The problem is that protecting it is often difficult, inconvenient and confusing.

Data brokers de-index their opt-outs; Meta is still the go-to for influencer ads; and Perplexity offers to buy Chrome.

Regulators care about privacy in practice, not just in theory. Simply having a tool or partnership in place isn’t enough to demonstrate effective compliance.

Pixels attached to articles explaining a recent health diagnosis – without consent  – led Healthline to a record $1.55 million fine for violating CCPA. Plus: the new AI contract.

The era of fragmented, adversarial ad tech is winding down. A new paradigm is emerging defined by AI-first, end-to-end platforms and collaboration among buyers and sellers.

CTV advertising has made great strides, but it still lags behind social platforms in one critical area: optimizing campaigns based on outcome data. Here’s how standardized conversion API integrations for CTV can help.

Audience suppression may be the missing link between annoying a consumer and building a lasting relationship.

It’s difficult for advertisers to enter into contracts with every company to which they disclose personal information. However, difficulty is no longer an acceptable excuse.

A concept known as data minimization – the practice of limiting data collection and retention to only what’s strictly necessary to achieve a specific purpose – is becoming a key tenet of privacy legislation around the world.

Advertising is now a regulated industry. And with enforcement coming at the state and federal level, data privacy standardization is an urgent issue.

Here are a few fun facts about the CPPA that you can trot out at cocktail parties (depending on whether you hang out with privacy nerds).

It may appear as if The California Privacy Protection Agency has been in hibernation mode. But don’t let that fool you. The bear is awake and it’s got an appetite.

New requirements with respect to the processing of children’s data are occurring at the U.S. state level and seemingly flying below the radar. Here’s how these changes could impact targeted advertising in the United States.

State privacy laws could make it a lot harder for advertisers to use IP addresses – a foundational signal for CTV ad targeting and attribution for well over a decade.

Here’s today’s AdExchanger.com news round-up… Want it by email? Sign up here. The Work Behind The Patchwork Big Tech has long railed against the US adopting a patchwork of state privacy laws instead of a single national standard. But, oh the irony, tech companies lobbying at the state level is actually helping create that dreaded patchwork, […]

A significant number of solutions that claim to be cookieless, including unified IDs and cohort-based targeting, still rely on IDs. These solutions will find it extremely difficult to achieve the scalability required to become a true successor to cookie-based advertising.

U.S. state privacy laws are multiplying at a dizzying rate. Here are the key points to know for the collection and processing of sensitive information for the rest of 2023.

The US now has nine state privacy laws on the books – and the list is only going to get longer over the next couple of years.

Putting data in the possession of a presumably trusted third party makes a world of sense. But while clean rooms are very useful for some things, it is questionable whether they are the panacea for all privacy-compliance challenges.

California’s privacy protections are considered by most privacy pros to be the toughest and most comprehensive in the nation. But the California Privacy Protection Agency has a budget of just $10 million to regulate against the largest technology companies in the world.

Virginia is for lovers – and privacy lawyers. Although California has attracted most of the attention as the first US state to pass and enact comprehensive data privacy legislation, other states, including Virginia, have been swiftly following suit with regulations of their own.

To help businesses operate in a complicated legislative landscape, the MSPA offers a contractual framework and consent management guidance for compliance. But what do publishers need to know about implementing the MSPA?

If you didn’t celebrate Data Privacy Day this year, the California attorney general did for you – by sending a series of warning letters to mobile apps over alleged violations of the California Consumer Privacy Act.

Companies throughout the ad tech ecosystem are reckoning with the fact that, due to the revised definition of “business purpose” in the CPRA, they may no longer qualify as “service providers” under California privacy law. Davis+Gilbert’s Richard Eisert and Zachary Klein break down what to expect.

CPRA, BSAA and antitrust: We close out 2022 with (acronyms and) a repeat of a January 2022 episode that took the pulse of the legal world’s latest moves in data privacy. 

Although there are important nuances between the different laws, businesses that have been working toward compliance with the California Consumer Privacy Act and California Privacy Rights Act are in a good position for complying with other state privacy statutes. But the CPRA has several unique provisions that make it a beast all its own.

Last week, the IAB’s multistate privacy agreement (MSPA) was made available for advertisers, publishers and ad tech partners to sign and begin using to track their data flows. But what is the MSPA?

Google isn’t bluffing about quitting its third-party cookie habit. That’s because consumer concerns about data privacy and pressure from regulators around the globe have left Google with no choice but to discontinue third-party cookie usage in Chrome, said Dan Taylor, VP of global ads at Google, at AdExchanger Programmatic I/O conference in New York City on Monday.