Last week, the Online Interest-Based Advertising Accountability Program released a compliance warning to clarify that its Self-Regulatory Principles for Online Behavioral Advertising (OBA Principles) apply―not just to traditional HTTP cookies―but to other types of tracking technologies that enable the tracking of consumers across different platforms and devices.  

The compliance warning admonished companies developing and implementing new cross-platform and cross-device tracking technologies for OBA to provide effective enhanced notice and an OBA opt-out mechanism.  As the compliance warning explained, “[a]s new ‘cookie-less’ technologies increasingly replace the more familiar ‘cookies’ in the delivery of personalized advertising across multiple screens, consumers must continue to receive real-time ‘enhanced’ notice and an easy-to-use and effective opt-out mechanism.”

The compliance warning also warned web publishers to be aware of the types of technologies employed by the third-parties that collect data for OBA on their websites. 

“As with collection via HTTP cookies, when website publishers permit third parties to collect data for OBA using alternative identification technologies, they bear  responsibility to provide enhanced notice on every page where that collection takes place and a disclosure of OBA practices that includes a compliant opt-out link that will work effectively with these cookie-less technologies.”

The compliance warning also notes that the Federal Trade Commission and Network Advertising Initiative have taken recent enforcement actions in connection with the use of alternative tracking technologies.  It noted the FTC’s 2011 settlement with ScanScout, Inc. relating to the use of flash cookies and recent NAI and FTC actions involving Epic Marketplace, Inc.’ in connection with its use of a “history-sniffing” script to collect data on users’ web browsing habits.

Photo of Libbie Canter Libbie Canter

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports…

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports clients on their efforts to launch new products and services involving emerging technologies, and she has assisted dozens of clients with their efforts to prepare for and comply with federal and state privacy laws, including the California Consumer Privacy Act and California Privacy Rights Act.

Libbie represents clients across industries, but she also has deep expertise in advising clients in highly-regulated sectors, including financial services and digital health companies. She counsels these companies — and their technology and advertising partners — on how to address legacy regulatory issues and the cutting edge issues that have emerged with industry innovations and data collaborations.

As part of her practice, she also regularly represents clients in strategic transactions involving personal data and cybersecurity risk. She advises companies from all sectors on compliance with laws governing the handling of health-related data. Libbie is recognized as an Up and Coming lawyer in Chambers USA, Privacy & Data Security: Healthcare. Chambers USA notes, Libbie is “incredibly sharp and really thorough. She can do the nitty-gritty, in-the-weeds legal work incredibly well but she also can think of a bigger-picture business context and help to think through practical solutions.”