How the California Privacy Rights Act reshapes U.S. privacy compliance in 2023
The U.S. privacy landscape is on the edge of a new era.
Next year, companies ranging from brands and publishers to agencies and ad tech intermediaries will need to comply with new privacy laws in Colorado, Connecticut, Utah, Virginia and — of course — California, where the existing California Consumer Privacy Act will give way to the even more comprehensive California Privacy Rights Act, or CPRA.
“CPRA definitely raises the bar,” said Fiona Campbell-Webster, chief privacy officer at ad tech firm MediaMath.
The video below features interviews with privacy experts weighing in on how the CPRA ups the ante on companies’ privacy compliance requirements in the U.S., particularly with regard to targeted advertising. It also breaks down the Interactive Advertising Bureau’s effort with the Multi-State Privacy Agreement to simplify the contractual complications required to comply with all five state-level privacy laws taking effect in 2023 and assesses expectations for regulators to enforce the new laws of the land.
“If a company is sharing cookie data in order to track users or sharing information with vendors to track users across multiple websites that are not owned by the advertiser, that’s when the alarm bells go offer,” said Dominique Shelton Leipzig, a partner at the law firm Mayer Brown.
More in Marketing
‘A multi-model world’: Microsoft’s CEO says the future of AI is orchestration, not one single model
Microsoft’s CEO just handed ad execs a survival guide for the agentic era.
OpenAI is hiring engineers, not ad sellers, first to build its ad business
OpenAI is focused on constructing the machine before worrying about selling what comes out of it.
A step toward compliance: the creator economy addresses disclosure and liability risks
The Institute for Responsible Influence will offer a creator certification program to standardize disclosures and increase creator accountability.