You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As privacy regulation is taking on further adaption by governments, the IAB has devised a US Privacy signal to express a GDPR-like consent notice presented to the user for any US based privacy regulation. This intent to implement is created to provide support for CCPA using the US Privacy String Framework with a goal to implement before the end of 2019.
To quote the IAB spec on the initial version of the US Privacy String:
A U.S. Privacy String contains information about disclosures made and choices selected by a user regarding consumer data privacy under U.S. Privacy regulation. Version 1 of this specification only supports signals pertaining to the California Consumer Privacy Act (CCPA).
This specification was created because Digital Properties need a scalable way to establish and persist U.S. Privacy signals. Additionally, downstream vendors need a reliable way to access U.S. Privacy signals when running within a Digital Property’s website or app.
Goals
Provide support for California Consumer Privacy Act (CCPA)
Proposed Design
The expectation is the publisher will have the responsibility of participating and complying with the IAB US privacy String as defined in the IAB US Privacy User Guide
Prebid SDK passes signal to Prebid Server if present
Prebid SDK Changes
Requirements
Attempt to read IAB US Privacy signal "IABUSPrivacy_String" in SharedPreferences as defined in the IAB spec for each ad singleton
If US Privacy string is available, pass string to Prebid Server in OpenRTB request
If US Privacy string is not set, empty string or null value, do not pass any regs signal to Prebid Server
Prebid SDK will pass the US Privacy string as is, unadulterated to Prebid server
Prebid SDK communication is expected to be unidirectional (no feedback from Prebid Server)
NSUserDefaults key/value
IABUSPrivacy_String = 'string_value'
Out of Scope
Any user data processing of any kind, no matter the presence or absence of US Privacy String
Validation of string value
Error handling on the SDK (this may change as the IAB spec is flushed out)
Prebid Server OpenRTB Interface
For brevity, only one string value will be included in an example below since Prebid SDK will be a passthrough and will not care what value is passed.
"regs": {
"ext": {
"us_privacy": "1YN"
}
}
Prebid Server Changes
Prebid Server will have it's own requirements and is not dictated by the SDK. Any Prebid Server changes are expected to be driven by the IAB Framework guidelines.
Type of issue
As privacy regulation is taking on further adaption by governments, the IAB has devised a US Privacy signal to express a GDPR-like consent notice presented to the user for any US based privacy regulation. This intent to implement is created to provide support for CCPA using the US Privacy String Framework with a goal to implement before the end of 2019.
To quote the IAB spec on the initial version of the US Privacy String:
Goals
Proposed Design
The expectation is the publisher will have the responsibility of participating and complying with the IAB US privacy String as defined in the IAB US Privacy User Guide
Workflow should be as follows:
Prebid SDK Changes
Requirements
NSUserDefaults key/value
Out of Scope
Prebid Server OpenRTB Interface
For brevity, only one string value will be included in an example below since Prebid SDK will be a passthrough and will not care what value is passed.
"regs": { "ext": { "us_privacy": "1YN" } }Prebid Server Changes
Prebid Server will have it's own requirements and is not dictated by the SDK. Any Prebid Server changes are expected to be driven by the IAB Framework guidelines.
Other information
Prebid server intent to implement: prebid/prebid-server#1107
The text was updated successfully, but these errors were encountered: