The Digital Advertising Alliance (DAA), a consortium of the nation’s largest media and marketing associations that has established self-regulatory standards for online behavioral advertising, announced on October 13 that the Council of Better Business Bureaus and the Direct Marketing Association will begin enforcement of the Application of the DAA Principles of Transparency and Control to Data Used Across Devices  (DAA Cross-Device Guidance) on February 1, 2017.

The DAA Cross-Device Guidance explains how the existing Transparency and Consumer Control principles contained in the DAA’s Self-Regulatory Principles for Online Behavioral Advertising and Multi-Site Data and Guidance on the Application of Self-Regulatory Principles to the Mobile Environment apply to practices that utilize data collected across devices.  Under the Guidance, a user’s choice to opt out of online behavioral advertising on a particular browser or device prevents: (1) data collected from that browser or device from being used on other linked devices for online behavioral advertising, (2) data collected from other linked devices from being used for behavioral advertising on the opted-out browser or device, and (3) the transfer of data collected from the opted-out browser or device for online behavioral advertising.

As discussed previously on InsidePrivacy, the FTC held its cross-device tracking workshop in November of 2015. At the workshop, self-regulatory efforts like the DAA Principles were highlighted, as was the necessity for companies to be mindful of their representations in the context of cross-device linking.

Photo of Lindsey Tonsager Lindsey Tonsager

Lindsey Tonsager co-chairs the firm’s global Data Privacy and Cybersecurity practice. She advises clients in their strategic and proactive engagement with the Federal Trade Commission, the U.S. Congress, the California Privacy Protection Agency, and state attorneys general on proposed changes to data protection…

Lindsey Tonsager co-chairs the firm’s global Data Privacy and Cybersecurity practice. She advises clients in their strategic and proactive engagement with the Federal Trade Commission, the U.S. Congress, the California Privacy Protection Agency, and state attorneys general on proposed changes to data protection laws, and regularly represents clients in responding to investigations and enforcement actions involving their privacy and information security practices.

Lindsey’s practice focuses on helping clients launch new products and services that implicate the laws governing the use of artificial intelligence, data processing for connected devices, biometrics, online advertising, endorsements and testimonials in advertising and social media, the collection of personal information from children and students online, e-mail marketing, disclosures of video viewing information, and new technologies.

Lindsey also assesses privacy and data security risks in complex corporate transactions where personal data is a critical asset or data processing risks are otherwise material. In light of a dynamic regulatory environment where new state, federal, and international data protection laws are always on the horizon and enforcement priorities are shifting, she focuses on designing risk-based, global privacy programs for clients that can keep pace with evolving legal requirements and efficiently leverage the clients’ existing privacy policies and practices. She conducts data protection assessments to benchmark against legal requirements and industry trends and proposes practical risk mitigation measures.