Lock icons over digital map showing privacy regulations

With 2021 Behind Us, How Do We Adapt To Evolving Privacy Regulations?

As a recent ruling against IAB Europe’s Transparency and Consent Framework (TCF) and the decision of the French data protection authority, the CNIL, to fine Google and Facebook both illustrate, the privacy landscape is in a state of near-constant change. But as these cases demonstrate, regulators are increasingly taking a privacy-first stance. To avoid suffering a similar fate, digital marketers and advertisers need to adapt practices in-line with evolving regulations and enforcement.

To date, some 137 countries around the world have enacted legislation designed to protect consumer privacy and data. Chief among them is Europe’s General Data Protection Regulation (GDPR). Since it was enacted, many other countries, including the United States, have followed suit with comparable laws.

To avoid suffering a similar fate as IAB Europe, Google, and Facebook, U.S. privacy professionals need to understand the evolving state of privacy in the United States, what it means for the industry, and what can be done to position their organizations to succeed in 2022 and beyond.

For privacy professionals that don’t have specific expertise in digital advertising, this can represent a complex and potentially dangerous blind spot. Not to mention, this is doubly true when dealing with an industry that underpins the open internet.

Data privacy comes to the United States

The GDPR became the law of the land in 2018. Though the U.S. was a bit late to the game in terms of comprehensive privacy legislation, the California Consumer Privacy Act (CCPA) went into effect in 2020, Virginia followed suit by passing its own Consumer Data Protection Act in March 2021, and Colorado came next, passing the Colorado Privacy Act in July 2021. Most recently, the Governor of Utah signed the Utah Consumer Privacy Act (UCPA) into law. Looking ahead, the enactment of U.S. state comprehensive privacy legislation is likely to increase further.

With 31 additional states considering privacy laws of their own in 2021, it’s only a matter of time before the United States adopts privacy laws that rival the GDPR — or, at the very least, a patchwork of state laws that protect consumers to varying degrees.

This rise in privacy-focused legislation is putting tech platforms and publishers under increasing scrutiny. The sooner they begin accepting the privacy-driven future, the faster they’ll be able to put these important issues behind them.

For these reasons, privacy professionals are increasingly finding themselves in the limelight.

U.S. industries will likely face increased legal action

To see the impact privacy laws will ultimately have on the United States, one simply needs to look at California, which has enforced CCPA regulations in at least 27 cases. While many of these businesses were able to achieve compliance within 30 days, as required, the future is all but certain for U.S.-based advertisers and publishers: Failing to comply with regulations means that fines, lawsuits, and other penalties are inevitable.

And to some extent, they’re already here.

Earlier this year, Attorneys General in Washington DC, Indiana, Texas, and Washington state filed complaints against Google, alleging that the tech giant misrepresented its collection of location data for advertising purposes.

As time goes on and more consumer privacy laws come into force, it seems all but guaranteed that regulators will be eagerly scrutinizing trade practices to see who’s compliant and who isn’t. The sooner businesses understand the future is an increasingly private one, the faster they’ll put themselves in a position to adhere to regulations — much to the delight of regulators and consumers alike.

It is the privacy professional’s responsibility to make sure that their colleagues and organizations are aware of these implications — and also understand why they need to commit to transparency, openness, and honesty in the first place.

The solution: Leading with privacy and transparency

How exactly can organizations prepare for the looming privacy-driven era of digital advertising? It starts with baking privacy and transparency into all facets of operations.

Over the last 10 years, the technology driving digital advertising has evolved rapidly. Today, these tools provide a unique set of privacy challenges. For example, deals worth considerable sums of money are completed by unseen and complex algorithms in fractions of seconds.

If businesses want to get ahead of the coming privacy tsunami, they need to proactively meet the issue head-on and change their approach to digital advertising.

Instead of collecting data in the background or offering confusing dark patterns that coerce users into actions they may not want to take, publishers would be wise to lead with privacy and transparency instead. By doing so, they can ensure that all users know exactly what they’re getting in return for sharing personal data.

When you openly and transparently give consumers a clear-cut choice, you establish and build trust. Over time, that trust helps your audience turn into loyal supporters. And that’s a big deal, considering how much revenue loyal customers help businesses generate.

What can privacy professionals do to lead with transparency? Invest in purpose-built ad tech solutions designed specifically to give customers control over their data and help them better understand how their data is collected and what it’s used for.

Let privacy and transparency steer the ship

As states across the country move privacy bills forward, the future is coming into focus. The sooner privacy professionals are able to convince their organizations to lead with transparency and openness, the faster they will protect their businesses from the ire of regulations while simultaneously bolstering consumer trust.

Failure to adapt to the new normal will almost certainly result in significant consequences. Not only will organizations that treat privacy as an afterthought expose themselves to potential financial consequences, they also risk alienating their audience — who may end up churning to their privacy-driven competitors as a result.

Getting ahead of incoming #privacy regulations and preparing for them before they are enforced positions your organization for success. Customers and regulators will be happier, and your business — and bottom line — will be healthier, too. #respectdataClick to Tweet

On the flip side, getting ahead of incoming privacy regulations and preparing for them before they are enforced positions your organization for success. Customers and regulators will be happier, and your business — and your bottom line — will be healthier, too.

The choice is yours. When you understand the importance of privacy, it’s an obvious one.


Chief Privacy Counsel at Sourcepoint