Global Privacy Resources
California Consumer Privacy Act
Response to the CCPA Act - May 2019
- Response from US advertising and marketing trade associations to the California Consumer Privacy Act. To view the response, please click here. To view the presentation, please click here.
- On May 16, 2019, IAB US, from their Washington, DC office, hosted a webinar on the California Consumer Privacy Act. To view the presentation, please click here.
General Data Protection Regulation (GDPR)
IAB Canada Marketer's Guide, a primer for GDPR
What is the GDPR? Does the GDPR apply to my business? What are my next steps?
Download the PDF here: GDPR_IAB_Marketer Council
GDPR Territorial Scope Guidelines (Draft) - How Canadian Business are Affected - November 2018
On November 16th, 2018 The European Data Protection Board (EDPB) released draft Guidelines 3/2018 on the territorial scope of the GDPR
The document is out for public consultation and commentary until January 18, 2019. Canadian-based companies have had many questions concerning subjectivity to the GDPR. Even though a Canadian entity does not have a physical presence in the EU, the GDPR is extended to controllers and processors not established in the Union but that either:
- offer goods or services to EU data subjects or
- monitor their behavior which takes place in the EU
IAB Canada will be reviewing the guidelines carefully and provide our Policy & Regulatory Affairs Committee with a platform to provide commentary ahead of the January deadline.
GDPR Update: 13 key Compliance Steps - February 2018
The Reach of the EU GDRP in Canada On May 25, 2018, the General Data Protection Regulation (GDPR) will impact companies in Europe and around the world. The penalties for violating are potentially severe – Fines of €20 million or 4% of your annual worldwide revenue (whichever is higher). Your digital media or advertising businesses in Canada will be directly impacted by the GDPR if your company processes personal data of EU residents where the processing relates to:
- offering goods or services to individuals in the EU; or
- monitoring the behaviour of individuals in the EU on the internet, which may include tracking for behavioural advertising purposes.
The GDPR sets out a holistic set of rules governing the collection, creation, use, disclosure, storage and other processing of “personal data”, a concept defined broadly as “information about an identified or identifiable natural person”. GDPR’s rules are prescriptive, and need to be operationalized across your company’s systems and processes. Considerable time and organizational effort is required to comply with this statute.
Please click here to download the following checklist of 13 key steps for your company GDRP compliance efforts.
IAB Global Privacy Project
IAB Global Privacy Project
This Project Consists of Two Key Components:
1. The Cross Jurisdictional Privacy Project (CJPP)
The CJPP compendium provides an overview of the privacy laws of 11 countries – Australia, Brazil, Canada, China, India, Israel, Japan, Mexico, Nigeria, Singapore, and South Korea – and their impact on digital advertising. The CJPP Legal specifications, a product of over 150 lawyers working together from across the world, maps out legal inputs necessary for a global privacy string to address the challenge of demonstrating compliance with various jurisdictions’ disparate notice and choice requirements.
2. The Global Privacy Platform
This global technical working group made up of international stakeholders and local IAB policy teams works to streamline the legal inputs and technical privacy standards from the CJPP into a singular schema and set of tools which can adapt to regulatory and commercial market demands across channels. This work builds on the foundations and experience coming from the CJPP initiative and regional IABs and will continually expand to cover new markets and channels. Current initiatives include adapting IAB Europe’s GDPR compliant Transparency and Consent Framework (TCF) to aid in compliance in the Canadian market in accordance with the IAB Canada TCF policies and Canadian privacy law.