California Consumer Privacy Act (CCPA) compliance guide for Publishers

California Consumer Privacy Act (CCPA) compliance guide for Publishers

A new law focused on businesses that collect personal data from residents in California is set to come into effect on January 1st, 2020 called the California Consumer Privacy Act or CCPA.

In this post, we’d like to show you what we know so far regarding this law. We’ll give you a quick update with regards to Google products and show you what MonetizeMore is doing to help our publisher partners prepare.

What Google is saying about complying with CCPA

Google has stated the following in a recent update. As you already know, they provide data protection with regards to GDPR and have started offering provider terms compliant with CCPA. There are no additional actions needed to accept service provider terms if you’ve already agreed to online data protection terms.

Service provider terms will be made available alongside new tools so that restricted data processing can be enabled. Keep in mind that restricted data processing acts differently for multiple Google products.

With some Google products, restricted data processing is automatic while with others, some action is required. Google will act as a service provider with regards to data collected and restricted data processing.

Ready to master your ad inventory like the pros? Become an ad ops guru with PubGuru University! FOR A LIMITED TIME, get access to our School Of AdSense, Ad Exchange, and Google Ad Manager courses for only $199! Click Here To Enroll

Ad Manager, AdSense & AdMob

When operating under restricted data processing, certain features and functionalities will not be available with regards to Google Ad Manager, AdSense, AdMob, and Google ads.

When a publisher enables restricted data processing, Google will start to serve non-personalized ads. These ads are not based on past data from users but use contextual information for targeting purposes. Publishers must also decide for themselves the extent of using restricted data processing.

For additional information, be sure to read the CCPA policy pages for each Google product below:

Google Ad Manager / Ad Exchange: https://support.google.com/admanager/answer/9561023

Google AdSense: https://support.google.com/adsense/answer/9560818

Google AdMob: https://support.google.com/admob/answer/9561022

How MonetizeMore is helping its publisher partners prepare for CCPA

Here at MonetizeMore, it’s reasonably possible that the CCPA’s enforcement date will be delayed due to a lawsuit and injunction prohibiting its enforcement, but there is no guarantee. A similar situation happened when California tried to pass net neutrality on its own. We’ll be paying close attention as the maximum potential revenue impact from additional privacy restrictions is not negligible.

The other significant matter that we’ve come across is that the CCPA appears to be not as aggressive in its language around affirmative consent vs. GDPR. There’s significant debate as to whether the CCPA requires the same roadblock level of consent that the GDPR requires, and the statute clearly states the user must only be “informed.”

We expect to implement in the next few weeks a passive consent option (a footer or header, to be tested for impacts) and go from there. As the CCPA is not as clear as the GDPR on this matter, unless we hear otherwise from the proper authority, we will leave the decision (passive or active for CCPA) up to each publisher’s privacy directors.

We’re implementing this passive consent option regardless, as Google has been increasingly requiring publishers with substantial US traffic to be more aggressive on privacy disclosure over the last few years, and having it all in one package is easier for our publishers.

We won’t be changing anything without our publishers knowing about it. We don’t want to bother users or interrupt their user experiences except where absolutely necessary.

We’ll update our publishers in the next few weeks with more details and inform them how to proceed further.

Conclusion

As with GDPR, there is still some confusion surrounding CCPA, and publishers don’t always know how to react. If you’re already signed up with MonetizeMore, we’ll take care of it all for you and inform you how to proceed within the month.

If you don’t know how to proceed in getting CCPA compliant, consider partnering up with MonetizeMore today! MonetizeMore is at the forefront of ad technology developments and publisher monetization innovations.


FAQ

What companies must comply with CCPA?

Any business that collects customer data and conducts business in California must comply with the California Consumer Privacy Act (CCPA) if it has a turnover of more than $25m, receives or holds the personal data of more than 50,000 consumers or derives more than 50% of its revenue from selling personal information.

Does GDPR cover CCPA?

GDPR is a separate piece of legislation to CCPA and applies to the European Union. While there may be provisions in GDPR that exist in CCPA or vice versa, compliance with one does not guarantee compliance with the other. If you conduct business in both regions, you should ensure compliance with both pieces of legislation.

Does CCPA apply to foreign companies?

The law applies to all companies that do business in California, not just ones that are domiciled in California or the United States, providing that it has a turnover of more than $25m, receives or holds the personal data of more than 50,000 consumers or derives more than 50% of its revenue from selling personal information.

Kean Graham

CEO and Founder at MonetizeMore

Kean is the resident expert in Ad Optimization covering areas like AdSense Optimization, DFP Management, and third-party ad network partnerships. Kean believes in the supremacy of direct publisher deals and holistic optimization as keys to effective and consistent ad revenue increases.

Get our latest ad optimization tips delivered to your inbox

Submit a Comment

Your email address will not be published. Required fields are marked *