How the California Privacy Rights Act reshapes U.S. privacy compliance in 2023

By Tim Peterson • December 19, 2022 •

The U.S. privacy landscape is on the edge of a new era.

Next year, companies ranging from brands and publishers to agencies and ad tech intermediaries will need to comply with new privacy laws in Colorado, Connecticut, Utah, Virginia and — of course — California, where the existing California Consumer Privacy Act will give way to the even more comprehensive California Privacy Rights Act, or CPRA.

“CPRA definitely raises the bar,” said Fiona Campbell-Webster, chief privacy officer at ad tech firm MediaMath.

The video below features interviews with privacy experts weighing in on how the CPRA ups the ante on companies’ privacy compliance requirements in the U.S., particularly with regard to targeted advertising. It also breaks down the Interactive Advertising Bureau’s effort with the Multi-State Privacy Agreement to simplify the contractual complications required to comply with all five state-level privacy laws taking effect in 2023 and assesses expectations for regulators to enforce the new laws of the land.

“If a company is sharing cookie data in order to track users or sharing information with vendors to track users across multiple websites that are not owned by the advertiser, that’s when the alarm bells go offer,” said Dominique Shelton Leipzig, a partner at the law firm Mayer Brown.

How the California Privacy Rights Act reshapes U.S. privacy compliance in 2023

More in Marketing

How Costco stood against Trump’s agenda on tariffs, DEI this year

Brands look to experiential marketing as antidote to AI slop, digital fatigue

Agencies push curation upstream, reclaiming control of the programmatic bidstream