Google is rolling out new efforts to comply with recently enacted laws. In Florida, Texas, Oregon, Montana, and Colorado, restricted data processing (which limits how Google consumer privacy uses your personal data) will soon be a common practice.
A few of the fundamental changes include the following:
- Google is set to update its ad terms to enable restricted data processing (RDP) for each applicable state as soon as the state’s law takes effect.
- When RDP is enabled, Google will serve as a data processor rather than a controller of that data, restricting how it uses specific identifiers and other consumer information.
- Several activities may be impacted when RDP is enabled, including ad delivery, debugging, security/fraud detection, and reporting and measurement.
- Advertisers living in the applicable states must accept Google’s online protection terms, but no action is required if this step has already been completed.
This means that Google wants to ensure advertisers comply with the law and protect consumer privacy. While these changes might affect the success of some ads, as they reduce personalization capabilities and targeting efficiency, they’re a better option than engaging in illegal practices.
Colorado’s Opt-Out Law
Adding to the changes is Colorado’s opt-out law, which is defined by the Colorado Privacy Act (CPA) and enacted to give consumers more rights. Starting July 1, 2024, organizations within the act’s thresholds must provide consumers with the option to opt out, using a Universal Opt-Out Mechanism (UOOM), of the sale of their personal data and/or the use of their data for targeted advertising.
To comply with this law, Google will respect each consumer’s global privacy control signals. Once a consumer opts out, Google will disable personalized ad targeting based on customer matches, remarketing lists, or other “off-limits” data.
Do you need some guidance on RDP, CPA, or anything else? Give us a shout, and we’ll be happy to help.