Burying Behavioral Advertising in Terms of Service Violates GDPR Principles

2023 started with a serious blow to behavioral advertising. Irish Data Protection Authority (IE DPA) issued a decision to Meta that put its Behavioral Advertising under high scrutiny. This decision was handed down to Irish DPA from the European Data Protection Board (EDPB) and is an outcome of the dispute

Lucid releases Virginia Readiness Record (VCDPA)

On January 1st of this year, the Virginia Consumer Data Protection Act (VCDPA) officially came into force.  To help you keep pace with the law, and to help you evaluate whether your business meets thresholds of applicability, Lucid is releasing our Virginia Readiness Record (VCDPA) as a public reference.  As

Lucid Privacy Survey Finds That The Majority Of AdTech Businesses Plan To Honor Opt-Out Preference Signals Globally

Following the recent passage of new privacy laws in California, Colorado and Connecticut that will require businesses to honor ‘Do Not Sell or Share’ of targeted advertising opt-out requests via “opt-out preference signals’ or (‘signals’) (aka; ‘global privacy controls’ or ‘GPC’),”  there has been some uncertainty on h0w these opt-out

Lucid References: California Readiness Record (CCPA/CPRA)

With the new California privacy law, CPRA,  coming into force in January, many companies are conducting reviews to ensure that they understand how CPRA will apply to their business and what they will need to do to comply.  The process has been complicated with CPRA sitting on top of the

A benchmarking poll for Opt-Out Preference Signals (GPC)

The Sephora enforcement action has the digital media industry in a bind. Many companies have been waiting for a range of implementation questions to be resolved through the CPRA rulemaking process before adopting GPC, but the California AG is already dropping the hammer.  Some companies have already signaled that they

California v. Sephora

On August 24, 2022 we saw the first settlement under the California Consumer Privacy Act (“CCPA”). In a press release from the office of the California Attorney General Rob Bonta. Attorney General Bonta stated that “Sephora failed to disclose to consumers that it was selling their personal information, [and] it

Google Analytics 4 and IP Address

A closer look at the privacy and product implications of the deprecation of IP Address logging in GA4.

How Aare GDPR Fines Calculated?

EDPB Guidance for DPAs on calculating GDPR fines

Lucid reference section launches with Transfer Impact Assessment template

Over the past several years, as we have worked with clients to operationalize privacy compliance documentation, taking into account legislative requirements and iterating over time with regulatory guidance, we have built up a considerable library of templates.  To help real life privacy pros fill out these templates, as well as

CPPA Releases First Draft of CPRA Regulations

An overview of the CPRA Draft Regulations

What are the likely effects of the Digital Markets Act on marketers?

It is safe to say that the EU’s Digital Markets Act (DMA) has the potential to have a significant impact on the main protagonists, the so-called ‘Gatekeepers,’ such as Amazon, Apple, Google, Meta and Microsoft.

The State of State Privacy Legislation

It’s old news that states have been proposing and passing privacy laws. Let’s take a moment to figure out the landscape.

Wordle — A Modern Day Parable.

Wordle was the online viral puzzle sensation of 2021. Developed by Brooklyn software engineer Josh Wardle as a gift to entertain his…

HOPE FOR A NEW TRANSATLANTIC TRANSFER SHIELD

After the recent body blows to the transatlantic data transfers, could we see some light at the end of the tunnel?

HOPE FOR A U.S FEDERAL PRIVACY ACT

Interest in passing data privacy legislation has been growing in state legislatures across the United States (US) as of late. Since 2018…

The European Parliament Approves the Digital Services Act (DSA)

With a large majority (530 yeas, 78 nays, and 80 abstentions), the European Parliament voted to approve the initial draft of the Digital…

DSAR probing ‘attack’ from Princeton researchers

Over the course of the week, most of our clients, across disparate industries, have been hit by some form of a template DSAR probing…

Understanding Apple’s App Tracking Transparency, part 2: The Cookie Consent

As originally posted by LiveRamp in their ‘RampedUp’ blog series. If you missed part one of our two-part series on Apple’s App Tracking Transparency (ATT) framework, read it here. Since 2002, the adtech industry has gone through a number of regulatory and self-regulatory changes with the use of cookies,

Understanding Apple’s App Tracking Transparency, Part 1: Take the Opportunity to “Date” Your App’s Users Again

As originally posted by LiveRamp in their ‘RampedUp’ blog series. There’s been a lot of speculation about the replacement of Apple’s iOS Identifier for Advertisers (IDFA) with the AppTrackingTransparency (ATT) changes that are expected to be released any day now. While the ATT has its user experience limitations,

Lucid Privacy Group is looking for more talent!

The Lucid Privacy Group is a leading provider of strategic privacy services for data driven technology companies. We partner closely with…

Google Not on Board with Cookie Work-Arounds

Oh boy. So Google created a big splash yesterday with their announcement that they will NOT support the variety of cookie replacement…

Virginia follows California with their own comprehensive privacy law

When the CCPA was passed into California law in 2018, California was the only state in the US with a baseline privacy law. As of this week…

A very civil Brexit

Brexit Transition Period

A tech spec to supercharge CCPA

Most of you are reasonably familiar with CCPA, the California privacy law that went into effect in July of this year.

Joining Menlo College Board

This month I have joined the Board Of Trustees at Menlo College, a wonderful undergraduate school here in the heart of Silicon Valley. I…