How the California Privacy Rights Act reshapes U.S. privacy compliance in 2023

california privacy law

The U.S. privacy landscape is on the edge of a new era. 

Next year, companies ranging from brands and publishers to agencies and ad tech intermediaries will need to comply with new privacy laws in Colorado, Connecticut, Utah, Virginia and — of course — California, where the existing California Consumer Privacy Act will give way to the even more comprehensive California Privacy Rights Act, or CPRA.

“CPRA definitely raises the bar,” said Fiona Campbell-Webster, chief privacy officer at ad tech firm MediaMath.

The video below features interviews with privacy experts weighing in on how the CPRA ups the ante on companies’ privacy compliance requirements in the U.S., particularly with regard to targeted advertising. It also breaks down the Interactive Advertising Bureau’s effort with the Multi-State Privacy Agreement to simplify the contractual complications required to comply with all five state-level privacy laws taking effect in 2023 and assesses expectations for regulators to enforce the new laws of the land.

“If a company is sharing cookie data in order to track users or sharing information with vendors to track users across multiple websites that are not owned by the advertiser, that’s when the alarm bells go offer,” said Dominique Shelton Leipzig, a partner at the law firm Mayer Brown.
Digiday Top Stories