If You’re A Publisher And You Don’t Know What A UOOM Is, Then Read This

Anyone who has destination for breakfast, tube -shaped tools and respectable data collection procedures will have a great 28 January.

Because 28th January is National Blueberry Pancells Day, National Kazoo Day And of course Personal Data Protection DayAn annual holiday of species to raise awareness of the importance of data protection, privacy and cyber security.

To remember, my gift for you is an update to something that I think is about to get much more attention: universal logging mechanisms (UOOM).

DNT rides again (kind)

The universal exception mechanism is a digital tool that sends a browser signal to the browser and says websites not to collect and/or sell the user’s personal data for targeted advertising and do not follow their activity over the Internet.

If it sounds familiar, it is because the concept is almost the same as not watching, the unfortunate initiative 2012–2013, which tried to create a web standard for online tracking.

DNT has never fled for several reasons: the back sector from the online advertising industry, the lack of accepted standards for what it does not “follow”, and the absence of legal enforcement. Honoring the signal was voluntary.

“Do not follow a large extent ignored, because the servers did not know how to interpret it and were not obliged to try,” says Julie Rubash, General Advisor and Privacy Director at Data Privacy Software Company Sourcepoint.

But today it is not. Fifteen state protection laws include a legal mandate in honor of universal signal signals.

The provisions of California and Colorado have been in books since 2024. Connecticut, Montana, Nebraska, New Hampshire and Texas came into force on January 1. Maryland, Minnesota and New Jersey will appear at the end of this year. And the requirements of Delaware and Oregon’s Uoom start January 1, 2026.

Uooms condition

To date, there is only one universal login mechanism that has been officially recognized by the regulators, and this is the global privacy control (GPC).

At the beginning of 2021, when Xavier Becerra was still a general prosecutor of California (and Twitter was still relevant platform), he tweet The fact that businesses are obliged to handle a user supporting global privacy control “as a legally valid consumer request” to log out for the sale of data.

And later, in 2023, Colorado also gave his blessing GPC.

However, it is important to realize that there are other UOOM tools on the market and it is possible that they will eventually be approved by regulatory bodies in California, Colorado and other countries.

“They could theoretically announce the recognition of other uooks,” says Rubash.

For example, Colorado chose GPC, but also considered two other UOOMs: OptoutCode, which sends signals notification via mobile and IoT devices, and a log-out machine that sends the Opt-Out requirements to data brokers.

The Office of the Prosecutor’s General in Colorado said it plans to regularly check new UOOM applications and possibly update your list of acceptable tools.

Login analysis

The basic purpose of GPC and UOOMS is to facilitate people to exercise their rights to protect privacy.

But as more of these mechanisms appear and the regulatory bodies permit them, the more complicated it could obtain publishers to comply with the regulations and control data collection.

As Scott MesserPublisher and founder of Messer Media, put it in an operation for Adexchanger at the end of last year, the distribution of UOOMS “will support the entire Dat-Nejen collection flow as Consent is awarded but also where It’s awarded. ”

And there are still many unanswered questions. For example, GPC signals overwrite personal data protection settings at the site level? And how will GPC offer as an option at the Opt-out-out browser level?

According to Don Marti, vice -president of the ecosystem of the RAPTive innovation, which operates a large advertising network for publishers, GPC should be considered a positive development. Raptive has helped test and solve GPC problems and was one of the founding members of the Global Control Control Project.

“It’s simple as soon as you have the underlying work,” Marti says. “Companies and partners have to do the right thing with manual logging out of users and universal logging in basically say they will do the same.”

Gpc you

Meanwhile, the regulators follow.

In 2023, Sephora became the first company to obtain a fine under the Personal Data Protection Act in California for not processing the requirements for logging out by GPC. It He paid $ 1.2 million to settle the accusation.

At the beginning of last year, DOORDASH received a fine of $ 375,000 for sharing data via a marketing cooperative without warming up or having an opportunity to unsubscribe.

In June, Mobile Gaming Tilting Point was fined under CCPA and COPPA for obtaining parents’ consent before collecting and sharing personal data.

And at the beginning of this month, the General Prosecutor Texas AllState and its subsidiary charged Data Arity to collect information from more than 45 million Americans without their consent and to sell other insurance companies.

This may not seem like many coercive activities. So far, there have been only a small handful of public cases that have specifically been involved in the inability to recognize exceptions, but that does not mean that the regulators were not active behind the scenes.

“There was a significant non -public enforcement in this area,” says Rubash, “with many businesses that are subject to the regulatory authority to log out, including GPC recognition.”

In short, are you down with GPC? Because you should really be.

No one wants to get a letter from CPPA O UOOMS for breach of CCPA and does not honor GPC.* And they say advertising technology is bad for shortcuts. Π

*Translation for People: No one wants to get a letter to the California Protection Agency for universal mechanisms to log out for violation of the Personal Data Protection Act for California and countless privacy control.

🙏 Thanks for reading! And happy personal data protection day for all who celebrate, including This small party animal. As always, do not hesitate to write me the line [email protected] with any comment or feedback.