California’s recent amendments to the California Online Privacy Protection Act require certain online services to make additional disclosures about how they respond to browser-based Do Not Track signals―new obligations that went into effect on January 1.  Along with Joanne McNabb of the Office of the California Attorney General, Kurt Wimmer and I will be discussing the recent amendment and best practices for implementation during a January 29 webinar entitled “Transparency Around ‘Do Not Track’: Best Practices Regarding California’s Privacy Amendments and Related Legislative Developments” (sponsored by Bloomberg BNA).

As industry continues to grapple with how to come into compliance with the California requirements in the absence of a “Do Not Track” standard, the Interactive Advertising Bureau has released a white paper that sets out “Guiding Principles” for developing tracking solutions in a post-cookie world.  The IAB paper observes that data collection is increasingly fragmented over websites, devices, browsers, and applications.  The IAB declines to set forth a particular solution, but it does outline “Guiding Principles” against which it believes any solution should be measured.  These include, without limitation:

  • A single privacy dashboard – a place where consumers and publishers can see which third parties are collecting and transferring information, what that information is, and how it is being used.
  • Universal privacy view – a place to read about and understand tracking across domains and services and via all browsers, devices, logins, and mobile apps.
  • Comprehensive privacy controls – a persistent set of controls for consumers to opt-in, modify, purge, or opt-out of data collection or data transfer across all parties.
  • Persistent, universal consumer preferences – preferences that persist across the entire Internet experience, across all domains and services, via all browsers, devices, logins, and mobile apps (which it states may require an authentication mechanism).
  • Possibility of detecting non-compliant actors – a simple easy way for consumers to identify publishers or third parties not in compliance with “the solution.”
  • Free online service – the solution should not require the consumer to install software or hardware, subscribe to a service, or pay any money.

The IAB paper sets forth additional principles from the perspective of publishers and industry third parties.   It also observes that cookies are increasingly inefficient and ineffective at state management.

Photo of Libbie Canter Libbie Canter

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports…

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports clients on their efforts to launch new products and services involving emerging technologies, and she has assisted dozens of clients with their efforts to prepare for and comply with federal and state privacy laws, including the California Consumer Privacy Act and California Privacy Rights Act.

Libbie represents clients across industries, but she also has deep expertise in advising clients in highly-regulated sectors, including financial services and digital health companies. She counsels these companies — and their technology and advertising partners — on how to address legacy regulatory issues and the cutting edge issues that have emerged with industry innovations and data collaborations.