2020 is upon us and so is the California Consumer Privacy Act (CCPA). CCPA applies to any company with CA-based assets or customers, including Californians who visit a website and whose data you touch. This includes companies that handle the personal data of at least 50,000 Californians per year, as well as businesses with annual revenues over $25 million.
We’ve been covering the details of CCPA all of 2019, defining it, explaining it, breaking down its amendments, looking at how it impacts the emerging T/V market, and then we also looked at tools that can help with compliance, like IAB’s CCPA Compliance Framework, as well as ways in which a CMP or CDP can be used for compliance. We also worked on a Playbook with GeoEdge, outlining the relationship between privacy compliance and user experience and what that means for revenue teams. And then another Playbook we developed with LiveRamp focused on how to survive life in a world without cookies.
Plus, we talked with industry leaders at BritePool, Ogury, Sourcepoint, and 33Across about solutions for compliance and alternatives to reliance on the third-party cookie. Also, Myles Younger, Senior Director of Marketing at MightyHive drafted a blueprint for a bright future in a cookieless world.
Here’s a look back at AdMonster’s 2019 CCPA coverage:
What is CCPA?
Being GDPR compliant won’t necessarily mean that you’re CCPA compliant. Also, it won’t be enough to just have systems in place to comply with CCPA and not continuously ensure that your users’ data remains safe.
Overall, the Personal Identifiable Information (PII) defined in CCPA is much broader than what’s been outlined in GDPR—“information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” This includes IP addresses, cookies, beacons, pixel tags, mobile ad identifiers, browsing history, search history, and geolocation data. Read more.
CCPA Is Confusing AF
Digital media is looking forward to another year of impending doom as a fresh piece of confounding privacy regulation hangs over the space. The CCPA, which will affect any company that touches the data of at least 50,000 Californians a year, is in the middle of a statewide hearing tour at the moment, and the cracks are increasingly showing in the reportedly hastily assembled piece of regulation (typos are reportedly rampant and legislative patches continue to be written). Read more.
CCPA Update: It’s the Final Countdown
We know not what the California Consumer Privacy Act (CCPA) will finally look like when it goes into effect January 1, 2020, but we do know that Silicon Valley heavyweights applied great pressure to revise it, there’s an industry solution for do-not-sell requests, and unfortunately, most US businesses are overwhelmingly unprepared for its debut. Read more.
Interrupting Regularly Scheduled Programming: Privacy Regulations and the Emerging T/V Ecosystem
Ad-supported T/V ‘s future relies on an emerging addressable advertising technology, ACR, that will dramatically change T/V advertising delivery, measurement and monetization.
Automated Content Recognition (ACR) allows both subscription providers (like Netflix, Disney+) and ad-supported T/V providers (like Hulu, YouTube) to capture viewing data on screen for smart TV owners, all of whom opt-in to have this and personal identification data shared when they set up their set’s internet access.
This opt-in often is accepted thinking it is permission for the TV manufacturer to use the data, but second-by-second ACR-captured viewing data matched to that device user will also be used by content providers who can sell the addressability to advertisers for a premium price. Read more.
What Problems Does the IAB’s CCPA Compliance Framework Solve?
In short, the IAB’s and IAB Tech Lab’s CCPA Compliance Framework (here called “the Framework”, although the IAB has provided a similar framework for GDPR) provides a set of tools and standards to help make it easier for publishers and their ad tech partners to comply with the CCPA’s requirements around the sale of PI. Read more.
What is a CMP?
Consent Management Platforms (CMP) have been cropping up rapidly in the wake of GDPR—(and soon CCPA)—as the tool du jour for aiding publishers in collecting and managing consumer consent and passing that data throughout the advertising ecosystem. Read more.
What is a CDP?
CDP might sound like another martech or adtech acronym that will make its way into obscurity, but in a post-GDPR world where first-party relationships will be vital to survival, the Consumer Data Platform (CDP) is the ultimate tool for true consumer or audience identity resolution. Read more.
AdMonsters Playbook: Aligning Regulatory Compliance & User Experience
In this playbook, developed in partnership with GeoEdge, we’ll dive into the details of GDPR and why best practices for compliance are also overall user experience and privacy concerns. We’ll also examine the ramifications of the California Consumer Privacy Act and movements toward regulation at the federal level. Finally, the playbook will tie privacy regulation compliance back to other revenue team user experience responsibilities, such as ad quality and malware prevention. Read more.
AdMonsters Playbook: Life Beyond Cookies
Rumors of the third-party cookie’s death have been greatly exaggerated for years, but recent regulatory developments and browser privacy efforts have upset the dominance of this digital identifier. GDPR, CCPA, and browser privacy initiatives are only the beginning of a wider movement around data privacy, but they paint a clear picture of the next generation of consumer expectations. This playbook, developed in partnership with LiveRamp, aims to show publishers how to not only survive without cookies but come out the other side more powerful than before. Read more.
Surviving the GDPR/CCPA Squeeze: Sourcepoint’s Ben Barokas on CMPs and Regulatory Compliance
Such is the publisher’s lot—as soon as you start feeling confident you’ve covered your bases on GDPR, you’re trying to prepare for whatever the California Consumer Privacy Act (CCPA) will look like (it’s still being revised). But are your bases really covered on GDPR—considering that the European Data Protection Authorities (DPAs) are starting to dole out fines, like this €50 million shiner to Google?
We hit up Ben Barokas, veteran AdMonster as well as Founder and CEO of Sourcepoint, about recent GDPR developments, the looming CCPA, and the value of third-party CMPs versus homegrown efforts. Read more.
Portal to Privacy: 33Across on Complying With Current and Future Regulations
Publishers are frantically preparing for the launch of the California Consumer Privacy Act on Jan. 1, 2020—and trying not to lose sleep over the looming EU ePrivacy Directive updates. But they’re alone in that effort—programmatic intermediaries like 33Across have heard the data privacy call and are ensuring they not only complying with privacy regulations, but also applying consumer preferences in a speedy and efficient fashion. Read more.
Beyond Consent for Consent’s Sake: Ogury on Monetizing User Choice
As the digital privacy revolution grows stronger with the awakening of the California Consumer Privacy Act, gaining user consent weighs heavily on the minds of many publishers. But Ogury Co-CEO and Cofounder Thomas Pasquet argues that consent simply opens the vault door to the treasure chamber of user choice. That’s why Ogury offers publishers a consent management platform that also delivers user insights from across its network as well as monetization options. Read more.
CCPA: Costly Confusion for Publishers and Advertisers—A Conversation With David J. Moore, CEO, BritePool
We spoke with David J. Moore, CEO of Britepool—an identity solution company aimed at leveling the playing field for publishers to compete with the Walled Gardens with a focus on privacy compliance and the disappearing third-party cookie—to talk about what CCPA could mean for the future of programmatic advertising, as well as learn more about his company’s research on how consumers will behave under CCPA. We also talked about how a solution to identity will not only aid publishers with compliance but may enable them to survive and thrive the overall existential threats the industry currently faces. Read more.
A Future Bright and Cookieless
A crumbling cookie is making it harder to identify “User X” in ad server logs and know that User X saw ads around the web on Days 1 and 2, and then converted on Day 3. This blindness ravages user-based, deterministic attribution models. Impression, view-through, and conversion tracking all depend to some extent on third-party cookies.
Even if a cookieless future consisted of nothing more than incrementality tests and data clean rooms, advertisers would have years worth of new toys to master and traditional tactics to revisit. But the post-cookie technology and regulatory landscape is just now dawning, and we can look forward to a great deal of innovation. Read more.