How Transcend is preparing for CDPA’s new Opt Out of Targeted Advertising requirement in Virginia

Ben Brook
March 4th, 2021 · 2 min read

We believe that privacy choices are a good thing and represent an opportunity for businesses to lead on privacy and build trust with their users. We applaud the global push for broader controls for users. As your provider of data privacy infrastructure, our job is to make it simple for you to offer any privacy choice to your users.

On that front, Virginia has now joined California in passing a modern consumer privacy act, the Consumer Data Protection Act (CDPA), which will come into effect on January 1st, 2023.

You can read more about the components of the new law from the IAPP here, but we wanted to spotlight how we’re preparing for the CDPA’s new Opt Out of Targeted Advertising requirement.

On a technical level, targeted advertising occurs through third parties such as Google and Facebook, meaning we’ll be waiting on specifications from them for how they plan to programmatically receive the signal to suppress targeted advertising toward a particular user.

As the data controller, you will have a new requirement to propagate your Opt Out of Targeted Advertising requests downstream to these third parties, encoding the User ID of the opted out user onto these third parties’ suppression lists for targeted advertising. This is something that Transcend has accommodated in the past with Opt Out of Communications, Do Not Sell My Personal Information, and more.

Over the next year, we’ll be working with these third parties to make this new opt out flow an out-of-the-box feature for Transcend customers, so that when the time comes for you to enable this choice for Virginians, there’ll be a simple “On” button available to you in the Admin Dashboard.

Please don’t hesitate to reach out to the Transcend team in the interim with any questions.

How does Transcend keep my company ahead of incoming laws like CPDA, wherever they might arise? Our platform is architected to be regulation agnostic, and is built on an arbitrary governance layer across the SaaS and internal systems we integrate with, that allows us to operate on data wherever it sits, and whatever operation is required on it—be it read, write, redact, update, allow or block data flows, etc.

With this framework in place, we can then respond to the unique requirements of any incoming legislation via new workflows on top, whatever the rights that are codified into new state or federal laws.

More articles from Transcend

Industry perspective: How Signal built private messaging, while still having fun

Signal’s VP of Engineering Jim O’Leary explains how the non-profit built an encrypted communications platform, and scaling for massive user growth, at a recent privacy_infra() event.

February 26th, 2021 · 2 min read

Watch the recording: Signal, Zoom, and UC Berkeley join Privacy_Infra() February 2021

Watch the recording from our first privacy_infra() engineering meetup of 2021, featuring talks from Signal, Zoom, and UC Berkeley.

February 22nd, 2021 · 1 min read

Privacy XFN

Sign up for Transcend's weekly privacy newsletter.

San Francisco, California Copyright © 2022 Transcend, Inc.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Link to $ to $ to $