Home Privacy Google Will Integrate With IAB Tech Lab’s CCPA Compliance Specs By Jan. 1 Deadline

Google Will Integrate With IAB Tech Lab’s CCPA Compliance Specs By Jan. 1 Deadline

SHARE:

Ad industry, you can get off your tenterhooks: Google is going to adopt the IAB Tech Lab’s technical specs for compliance with the California Consumer Privacy Act (CCPA).

The specs, which create a US privacy string not dissimilar to the Transparency and Consent Framework (TCF) developed by IAB Europe in the run up to GDPR, enable RTB transactions to occur while imposing constraints on the use of data when consumers opt out of the sale of their personal information, which is one of the primary rights enshrined in the CCPA.

The specs will be live within AdSense, AdMob, Google Ad Manager and DV360 in time for the CCPA effective date on Jan. 1. Google is still evaluating whether it makes sense to integrate with the IAB Tech Lab’s specs for its other products.

Cool, but what does all that mean in practice?

The IAB Tech Lab released its CCPA compliance specs in late November after a brief comment period. A few days later, Google said it would allow advertisers and publishers to limit how data is processed and disable personalized ad serving through its ad products, a move calculated to help its publisher, advertiser and ad tech partners comply with the law.

The question that then hung in the air was whether Google intended to embrace the ad industry’s specs, which would bolster adoption – but there was a good reason to be cynical.

Google has yet to implement IAB Europe’s TCF for sharing permissioned consent under GDPR. It delayed joining the framework for well over a year, although it has promised to finally do so by the end of Q1 2020.

This time Google isn’t dragging its heels.

“We’re committed to supporting our advertisers, publishers and partners as they work to comply with CCPA,” a Google spokesperson said.

Google will not, however, use the standard contracts that are included as part of the IAB’s overall CCPA compliance framework, since it already has product-specific contracts of its own in place with all of its partners.

The IAB CCPA compliance framework is comprised of two parts: a limited service provider agreement that delineates when partners can and can’t use consumer data as part of a bid request, and technical specs to actually execute the contract.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Brass tacks

Here’s how the US privacy string will work in the Google context:

If a consumer doesn’t opt out of the sale of their personal information, then Google’s products will function the same as usual, no change.

But if a consumer does opt out, Google will take action starting on Jan. 1 to honor the request.

When the IAB Tech Lab’s privacy string indicates that a user has opted out, Google will trigger restricted data processing for AdSense, AdMob and Ad Manager, which means Google won’t pass the bid request on to any third parties via real-time bidding.

Over on the buy side, when DV360 receives an opt-out through the privacy string as part of a bid request from third-party exchanges, Google will not place a bid.

It’s unclear, though, whether Google will implement the specs as part of its consent management platform, Funding Choices. Google said it’s still assessing whether the IAB’s CCPA framework makes sense for Funding Choices, and that it will have more info to share on that front in Q1 2020.

Must Read

HUMAN Expands Its IVT Detection Tool Kit With A New Product For Advertisers, Not Platforms

HUMAN has recently started complementing its bid request analysis by analyzing the time between when a bot clicks an ad and when the landing page loads. Now it’s offering the solution to individual advertisers.

Index Exchange Launches A Data Marketplace For Sell-Side Curation

Through Index Exchange’s data vendor marketplace, curators gain access to third-party data sets without needing their own integrations.

Can Publishers Trust The Trade Desk’s New Wrapper?

TTD says OpenAds is not just a reaction to Prebid’s TID change, but a new model for fairer, more transparent ad auctions. So what does the DSP need to do to get publishers to adopt its new auction wrapper?

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Scott Spencer’s New Startup Wants To Help Users Monetize Their Online Advertising Data

What happens when an ad tech developer partners with a cybersecurity expert to start a new company? You end up with a consumer product that is both a privacy software service and a programmatic advertising ID.

Former FTC commissioner Alvaro Bedoya speaks to AdExchanger Managing Editor Allison Schiff at Programmatic IO NY 2025.

Advertisers Probably Shouldn’t Target Teens At All, Cautions Former FTC Commissioner

Alvaro Bedoya shared his qualms with digital advertising’s more controversial targeting tactics and how kids use gen AI and social media.

Wall Street Turned Against Ad Tech – But May Learn To Love It Again

What can pureplay ad tech companies do to clean up their rep on the Street?