媒體與第三方廣告如何應對動態隱私環境.pdf

《媒體與第三方廣告如何應對動態隱私環境.pdf》由會員分享，可在線閱讀，更多相關《媒體與第三方廣告如何應對動態隱私環境.pdf（32頁珍藏版）》請在三個皮匠報告上搜索。

1、What an Ever-changing Privacy Landscape Means for Media&3rd Party AdvertisingTricia CrossCIPP/USSVP,Co-Chief Privacy Officer at Fox CorporationMonika JedrzejowskaCIPP/USChief Privacy Officer,Assistant General Counsel at HearstTeena LeeCIPP/USSenior Vice President,Associate General Counsel and Chief

2、Privacy Officer at News CorporationMathilde TanonCIPP/E,CIPP/USData Privacy Manager at The New York Times WELCOME AND INTRODUCTIONSTell us about yourselvesMedia?Media adjacent?Law firms?Platforms?Regulators?Industry groups?Table of Contents1.Targeted advertising Overview2.A flood of legal and indust

3、ry requirements 3.Implementation tips&tricks4.How to become the businesss best friend5.Q&ATargeted advertisingOverviewWhat is considered targeted advertising?Under most US state laws,targeted advertising is defined as:This mirrors how the FTC defined“online behavioral advertising”in a 2009 Staff Rep

4、ort.While definitions are generally consistent across jurisdictions,there are sometimes some differences in the language.The“displaying of an advertisement to a consumer in which the advertisement is selected based on personal data obtained from that consumers activities over time and across nonaffi

5、liated websites or online applications to predict preferences or interests”.What is considered a sale?Under many US state laws,a“sale”is defined as:However,the definitions and exclusions vary.For example,some states laws:Include the“sharing”of personal data for certain purposesLimit the scope to an

6、exchange for monetary consideration Do not explicitly exclude situations where consumers requests that their information be shared with third partiesThe“exchange of personal data for monetary or other valuable consideration by the controller to a third party”.Targeted advertising in practiceDifferen

7、t ways of running targeted ads:Programmatic advertising,including real time bidding(RTB)Directly sold advertisingWho are the players?Publishers,supply-side platforms(SSP)Advertisers,demand-side platform(DSP)Ad exchanges,ad networks,retail media networksSocial media and other big tech platformsA floo

8、d of legal and industry requirements A flood of legal and industry requirements Legal requirements Industry requirements Unique challenges for media companiesLegal requirements at first glanceOpt-inOpt-outLegal requirements in realityCO,CT,DE,IN,MT,NJ,OR,TN,TX,VA,EUUse of Sensitive Personal Informat

9、ionCA,UTWAProcess health-related dataTargeted advertising&Sale(US)EUUniversal opt-out mechanisms FL*,IA,IN,TN,UT,VACA,CO,CT,DE,MT,NJ,OR,TXProfilingCA,CO,CT,DE,FL*,IN,MT,NJ,OR,TX,VA*Floridas Digital Bill of Rights has a narrower scope of applicability than other state privacy laws.And there are more!

10、E.g.,the rules on the processing of minors data vary depending on the jurisdiction.Industry requirementsIndustry standards and protocols Global Privacy Platform(IAB GPP and MSPA),Transparency&Consent Framework(IAB Europe TCF)Platform requirementsApp Tracking Transparency(Apple ATT),App store nutriti

11、on/safety labels,Consent Mode(Google),deprecation of 3rd party cookiesSelf-regulatory frameworksDigital Advertising Alliance(DAA),Network Advertising Initiative(NAI)=Aligning with industry standards can help your organization mitigate legal risks.Important note:even though industry requirements are

12、not mandated by law,not complying with such frameworks policies can lead to adverse consequences for organizations,such as loss of of revenue from ads not being served or their apps being rejected from app stores.Unique challenges for media companiesBusiness model reliant on advertising revenueDirec

13、t and strong impact of laws regulating targeted advertisingComplex and interdependent ad ecosystemWebsites can be accessed from every countryPotential exposure to additional legal requirements from countries where users are locatedPublishers are on the front line for enforcement actionsMost visible

14、position in the advertising ecosystem,directly in contact with consumers,but with the least visibility into the advertising ecosystemNow What?Implementation tips&tricksImplementation tips&tricks Implement a global or jurisdiction-specific privacy compliance strategy for advertising?Leverage industry

15、 standards Leverage tools and vendor solutionsIn appendix:Contractual considerations checklistImplement a global or jurisdiction-specific privacy compliance strategy for advertising?Global privacy compliance strategy for advertisingJurisdiction-specific privacy compliance strategy for advertising-Ea

16、sier implementation and maintenance-Streamlined privacy disclosures-Maximize ad revenue-Optimize how personal data can be lawfully processed-Negative impact on ad revenue-Loss of opportunities for how the business can lawfully process personal data-Cumbersome implementation and maintenance-Some juri

17、sdictions would still need to be grouped,a state by state approach being hardly practicalLeverage industry standardsBenchmark similar organizations practicesRun a cost-benefit analysis Would it help mitigate legal risk?Would it help with contractual negotiations?What resources are required to implem

18、ent(internal and external,i.e.outside counsel,vendor)?How easily can it be adapted as laws continue to evolve?Involve relevant stakeholders and help leadership make a decisionLeverage tools and vendor solutionsVendor solutions can be very helpful and time-saving But are rarely a panacea!Run a cost-b

19、enefit analysisInvolve technical/engineering teams in your conversations with vendors(even before signing the deal!)Keep in mind that you will always need internal hands on keyboard to make things workThere is no one-size-fits-all approach.Finding the right implementation strategy will always depend

20、 on your organizations specific situation.How to become the businesss best friendHow to become the businesss best friend Keep yourself informed Get to know your organization Help build the advertising strategyKeep yourself informed(Try to)keep abreast of:Upcoming privacy laws and regulationsEnforcem

21、ent actions and trendsTalk to your counterparts in similar organizationsKeep your organizations leadership and relevant stakeholders informed of what privacy issues could meaningfully affect your business Get to know your organizationHow to operationalize the requirements?Know the products and UIsUn

22、derstand how teams interact with each otherLearn how backend systems workWhat are the necessary resources?Determine what teams will do the work and provide ongoing supportDefine what tools are neededSecure necessary budgetHow much time is needed?Reconcile legal deadlines with internal work timelines

23、(e.g.,work done in sprints;resources committed in advance)Take into account competing priorities Think like a project/program managerHelp build the privacy compliance strategy for advertisingProvide actionable legal and/or operational advice Help the business make risk-based decisionsBe able to pivo

24、t and adjust to an evolving landscapeWork in close collaboration with the engineering and product teams In conclusionBe open-minded,flexible and not too harsh on yourself!Thank you!Credits:the icons used in this presentation were created by Freepik,Winnievinzence,Aldo Cervantes and Iconixar.Appendix

25、Contractual considerations checklist What jurisdictions are in scope?What are the roles of the parties?Business/controller?Service provider/processor?“Third party?”Do any state law requirements for service providers/processors or third parties apply?What data is at issue?What are the data elements?W

26、ho is contributing the data?What are the data flows?How will the data be used and by whom(e.g.,what are the purposes)?What data subject rights are implicated(e.g.,opt in/out,DSRs)?How will these be effectuated?What data security protections are needed?Are there operational issues for my business flo

27、wing from the contract?Q&AHow Did Things Go?(We Really Want To Know)Did you enjoy this session?Is there any way we could make it better?Let us know by filling out a speaker evaluation.1.Open the Cvent Events app.2.Enter IAPP GPS24(case and space sensitive)in search bar.3.Tap Schedule on the bottom navigation bar.4.Find this session.Click Rate this Session within the description.5.Once youve answered all three questions,tap Done.