In January we shared a blog post with recommendations on how to prepare in 2023 to comply with five US Multi-State privacy laws in California as amended by CPRA, Virginia, Connecticut, Colorado and Utah. As a reminder, the enforcement date of several of these laws is 1 July 2023. This blog post is a brief practical check list for our clients to help support your compliance efforts. Please also refer to the January blog post for background on what we recommended clients should do in preparation. “What’s needed now, next and later for clients to prepare for global digital advertising privacy compliance starting January 2023”
Practical check list for our clients:
- Have you updated your privacy policies to consumers on your sites to provide Do Not Sell/Share My Personal Information (DNSS) opt-out notices?
- Have you implemented opt-out mechanisms to be able to send DNSS opt-out signals to MediaMath when a consumer opt-out of selling/sharing on your site?
- Have you implemented Global Privacy Controls (GPC) on your site as required under California?
- Have you updated your privacy policies to consumers on your sites to provide opt-out of sharing for targeted advertising notices for consumer rights under Virginia, Colorado, Connecticut and Utah?
- Do you have an opt-out of sharing for targeted advertising mechanism for consumer rights under Virginia, Colorado, Connecticut and Utah?
- Will your opt-out signals be integrated with the IAB Tech Lab’s Global Privacy Platform (GPP)? One Trust for example is integrated with GPP.
- Have you reviewed the new and updated Schedule B to your MSA for US Multi-State privacy laws? These Schedule B terms are also located in our User Policy which forms part of your agreement.
- MediaMath will be a participant and signatory to IAB US Multi-State Privacy Agreement. As a 1st party Business, under CCPA as amended by CPRA, will you be signing up to the IAB US Multi-State Privacy Agreement? Here is the Advertiser’s Guide to the MSPA
Please reach out to your MediaMath representative if you have any questions regarding the above.
Disclaimer: Please note this blog post is not intended as legal advice and you should consult your own legal advisors on your company’s legal and technical compliance requirements.