The United States does not have a central, federal-level privacy law like the EU’s GDPR. The US government (so far) has left this up to individual states. The result is that a handful of states have enacted online consumer privacy laws. These include:
- New York
- North Dakota
On July 7, 2021, Colorado’s governor signed SB21-190, “Act Concerning additional protection of data relating to personal privacy.” The new Colorado Personal Data Privacy Protection Law will go into effect on July 1, 2023.
California’s Consumer Privacy Rights Act (CPRA) was signed September 23, 2018 and went into effect on January 1, 2020. Proposition 24, approved Nov. 2020, expands the consumer data privacy laws and is effective January 1, 2023. It appears as if 2023 is going to be a significant year for companies doing business on the web to be serious about consumer privacy, even if they have ignored the GDPR because they aren’t doing business in Europe.
Data privacy laws restricting the sharing of data for advertising
For years, consumers have either knowingly or unknowingly handed their data over to corporations and government agencies. This of course makes it easier to track online activities, and thus target you for ads that you might be interested in. Once that goes away, marketers will have to be more creative in luring eyeballs to their websites.
iapp contributor, Arsen Kourinian, states that “Following the passage of the California Privacy Rights Act, which goes into effect Jan. 1, 2023, less data will flow into the adtech environment because consumers can now restrict businesses from sharing their personal information specifically for cross-context behavioral advertising.” Virginia also passed a data privacy law March 2, 2021. The Consumer Data Protection Act permits consumers to opt out of the processing of their personal data for targeted advertising. Google has also announced that in 2022 it would eliminate third-party cookies from its Chrome browser and stop selling ads based on individuals’ browsing activity across multiple websites. As a business that sells online advertising through retargeting services like AdRoll, this is an interesting dilemma, especially because I am also an advocate of online privacy.
With retargeting coming to an end, what are the options for online businesses? Colin Hung of hitmc.com gives us 5 alternatives to consider. Read the article for details:
- Focus on personalizing your website and using first-party cookies
- Leverage social platforms like Facebook, LinkedIn, etc. and Google
- Partner with sites that cater to your target audience
- Keyword advertising
- Implement Facebook’s first-party cookie
To this, I am going to add my own, which I believe will continue to be a major traffic driver:
- Relevant, interesting content
Blogs, podcasts, videos, infographics and other high quality content will become more important than ever.
With more states passing their own privacy and security laws, will there be a federal privacy law coming soon? The prospect of a national privacy law in the United States has often seemed vague and somewhat uncertain, with democrats and republicans having different views on how this should be handled. But recent shifts in the political landscape may get the ball rolling in that direction sooner than businesses anticipated.
Tomu Johnson, of counsel at Parsons Behle & Latimer, believes that Democrats gaining control of the White House, the House of Representatives and now the Senate could be a game changer for privacy. “In the U.S. I could see real momentum this year for a privacy law that gets passed by all three branches of the government and finally creating a good baseline floor for privacy in the U.S,” he said.