TrustArc Blog

CBBB Data Collection Compliance Effort — What You Need To Know

December 04, 2013

Recently, the Council of Better Business Bureaus (CBBB) announced that they are stepping up their enforcement efforts to ensure businesses adhere to the Digital Advertising Association (DAA) Self-Regulatory Principles (see examples). The CBBB is reviewing websites that allow 3rd parties to collect data for OBA purposes for compliance with the enhanced notice requirements. Companies who may be in violation of the Principles have been notified by the CBBB. Industry associations, like the International Association of Privacy Professionals (IAPP), are taking note of the CBBB’s announcement.

The CBBB along with the Direct Marketing Association (DMA), administers the Online Interest-Based Advertising (OBA) Accountability Program (Accountability Program) on behalf of the DAA.  In order to comply with the self-regulatory program, an “enhanced” notice — in the form of a separate link — must be on every page where ad networks or other third parties collect information for OBA purposes.  More specifically,

  • That link must be clear, conspicuous, separate from the privacy policy and labeled as “Why did I get this ad,” “AdChoices” or “Interest-Based Ads”. This link must lead to a mechanism where consumers can opt-out of OBA.  Example:
  • The “enhanced notice” link takes consumers to information explaining the OBA collection practices and provides access to a consumer choice opt-out option.

Internet-based ads or Ad Choices – how does it work from TRUSTe.

If your company collects information for OBA purposes, review your organization’s data practices to determine if compliance with the DAA Self Regulatory requirements is necessary.  TRUSTe can offer your company a privacy risk assessment and support with our privacy technology including TRUSTed Ads, our comprehensive OBA compliance control solution, and TRUSTed Website Monitoring, our advanced website tracker detection and management tool.

Subscribe to Blog