Updates on Developments in Data Privacy and Cybersecurity
Earlier this week, the organization that enforces the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising issued a “Compliance Warning” to website operators, advising them to provide “enhanced notice” on every web page where data is being collected or used for online behavioral advertising (“OBA”) by January…
Continue Reading DAA to Website Operators: Provide “Enhanced Notice” of OBA by January 1
The Digital Advertising Alliance (“DAA”) recently released a guidance document titled Application of Self-Regulatory Principles to the Mobile Environment (“Mobile Guidance”). The Mobile Guidance does not purport to establish new principles, but rather to explain how the DAA’s existing principles — the Self-Regulatory Principles for Online Behavioral Advertising and for Multi-Site Data — apply to the “mobile Web site and application environment.” Still, the Mobile Guidance contains a considerable amount of new direction that should interest publishers, advertisers, and other companies that operate in the online advertising space. Below is an overview of key takeaways from the Guidance.
The Guidance explains how companies operating in the mobile space should provide consumers “transparency and “control” (i.e., notice and choice) in connection with four types of data: Multi-Site Data, Cross-App Data, Precise Location Data, and Personal Directory Data.
Although the DAA’s definitions of these types of data focus on the way in which data is collected, the application of the key principles of “Transparency” and “Control” depends mainly on the way the data is used. For example, the Multi-Site Principles define “Multi-Site Data” as “data collected from a particular computer or device regarding Web viewing over time and across non-Affiliate Web sites.” This definition focuses on the nature of the collection, but the “Transparency” and “Control” principles’ application to the data turns on the way the data is used: if Multi-Site Data is used for one of many enumerated purposes (e.g., IP protection, product or service fulfillment, and product development), the Principles’ transparency and control principles do not apply.
Thus, the guidelines suggest that companies evaluate their obligations not only by considering whether the data they collect is covered by the Principles, but also by determining how that data will be used. With that background, we turn to a discussion of the Mobile Guidance. Continue Reading The DAA Principles Applied to Mobile: Key Takeaways
