You may have heard the acronym “CCPA” mentioned in connection with a data privacy regulation in the state of California. As your ad management team, we follow these proceedings closely so you don’t have to worry about your ads being compliant — we’ll handle all of that for you.
California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act took effect on January 1, 2020. It enforces data privacy regulations for residents of California. Similar to GDPR which regulated data usage for citizens of the EU, the CCPA gives Californians control over how their personal data is used by businesses.
Those covered under the CCPA must be given the option to opt out of data collection and request that a company not sell their personal information to third parties. They may also request to have their personal information deleted or ask what information of theirs has been collected, why it was collected, and with whom it was shared or sold.
AdThrive publishers + CCPA
Any business that collects data from California residents may need to comply with the CCPA, including websites running programmatic advertising that is served to California residents.
The CCPA specifically references businesses who “sell data” and although we don’t actually sell anyone’s data, we do sell ad spaces and pass along non-personally-identifiable user data.
To keep your business safe and lead the industry in best practices, we’ve been working closely alongside the Interactive Advertising Bureau (IAB) to develop the best solution to comply with CCPA while minimizing the effect on your ad performance.
Our CCPA solution displays a text link at the bottom of your site to California users that allows them to opt out of personalized advertising.
What does this link look like?
The opt-out link will be located at the bottom of the page, near your “Elite Cafemedia Publisher” badge, displaying the following text for California users (as determined by time zone): “Information from your device can be used to personalize your ad experience. Please Click Here to Opt Out.”
If a visitor clicks the link, we pass their preference along the programmatic airwaves and our advertising partners serve ads that reflect the user’s choice.
Once a user has opted out, the text wording will change to the following, allowing them to opt back in: “Information from your device can be used to personalize your ad experience. Please Click Here to Opt-In.”
How is this different from GDPR?
GDPR is an “opt-in” regulation which means we can’t serve personalized ads to users in EEA countries until they explicitly allow us to do so. The CCPA is an “opt-out” regulation which means that California users need to be given the option to stop data use.
Will CCPA affect my RPM?
It’s possible, depending on the percentage of California traffic your site receives. Advertisers pay less when they don’t have information about a user. But we hope to see a very small impact to earnings since CCPA allows us to serve personalized ads unless the user opts out, and we don’t expect a large number of California users to opt out.
Do I need to do anything?
As far as your ads, you are all set! We will implement this solution on your site so that your ads are fully compliant with CCPA.
However, ads might not be the only thing on your site covered under CCPA.
One of the most important things you can do is take stock of the services and tools you use on your site and understand how they are processing information on your visitors and handling CCPA-compliance. For third-party services, we recommend contacting each provider to ask what steps they are taking for CCPA-compliance.
We’re implementing the IAB’s framework, which includes a consent string accessible via client-side API, and other services can access and act upon that string.
As regulations appear and change, we will always be at the forefront of the discussion advocating for publishers and doing our best to protect and future-proof your business so you can concentrate on what matters most—creating the best content on the internet!