First of its Kind Privacy Protection Agency Comes to Fruition in California

California’s new Privacy Protection Agency (CPPA) was enacted under the California Privacy Rights Act of 2020 (CPRA). As the first dedicated privacy regulator in the United States, the agency is tasked with implementing and enforcing the California Privacy Rights Act and the California Consumer Privacy Act of 2018 (CCPA).

The New York Times recently highlighted the act, noting it will be the nation’s “first privacy police.” Here’s what you need to know:

• Ashkan Soltani, former Chief Technologist of the Federal Trade Commission (FTC), was named the executive director of the CPPA in 2021 by the new agency’s five-member board.
• The agency is tasked with overseeing such tech giants as Facebook and Google, all on a $10 million budget.
• The eyes of the privacy industry will be on Soltani closely as he rolls out this first-in-the-nation dedicated data protection agency. 
• The new agency has attracted global interest as data protection authorities abroad look to see whether the new regulator will strengthen the United States as a regulator of the tech giants.
• The agency’s first task will be to turn the state privacy law into detailed regulations for industry. The regulations will cover a range of issues from how data is used for targeted ads, to automated decision making, to consumers’ right to manage their personal information. 

Commentary:

• Pixalate is excited to work with and provide counsel to more state governments as they implement laws with the goal of protecting consumers’ privacy 
• In its Mobile Apps: Google vs. Apple COPPA Scorecard (Children’s Privacy) Scorecard report, Pixalate found that there are over 379k likely child-directed apps in the Google Play and Apple app stores as of the end of 2021.
  • Close to 40% of child-directed mobile apps also access personal information.
  • Around 12.7k child-directed apps access personal info but have no detected privacy policy.
  • Nearly 22% of App Store child-directed apps have no detected privacy policy.
• President Biden zeroed in on strengthening privacy protections for children online as a priority for his administration in his recent inaugural State of the Union address.
• Several bills aimed at improving child protections are making their way through Congress. These include: 
  • The Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act would create incentives for companies to “earn” liability protection for violations of laws related to online child sexual abuse material.
  • The Kids Online Safety Act (KOSA), which, according to TechCrunch, “would require social media companies to provide users under age 16 with the option to protect their information, disable addictive product features and opt out of algorithmic recommendations; give parents more control over their child’s social media usage; require social media platforms to conduct a yearly independent audit to assess their risk to minors; and allow academics and public interest organizations to use company data to inform their research on children’s internet safety.”
• The creation of an agency of this kind is meaningful for the ad industry because the new focus on privacy will change the way advertisers have utilized data in the programmatic space.

About Pixalate

Pixalate is the market-leading fraud protection, privacy, and compliance analytics platform for Connected TV (CTV) and Mobile Advertising. We work 24/7 to guard your reputation and grow your media value. Pixalate offers the only system of coordinated solutions across display, app, video, and OTT/CTV for better detection and elimination of ad fraud. Pixalate is an MRC-accredited service for the detection and filtration of sophisticated invalid traffic (SIVT) across desktop and mobile web, mobile in-app, and OTT/CTV advertising. www.pixalate.com