IAB CCPA Technical Framework

Suggest Edits

Introduction

What is the IAB CCPA Technical Framework
The IAB CCPA technical Framework is used to communicate a user's "opt out of sale" status among other information such as the LSPA status. See IAB Site for more details.

The IAB CCPA technical framework relies on the "us_privacy" string to communicate this information.

What is the us_privacy String
The "us_privacy" string is 4 characters long and informs AdTech vendors about a user's status under the CCPA Technical Framework. It can be communicated via OpenRTB (e.g. in a bid request) as well as URL parameters (e.g. in a usersync URL). Details on communicating it to TripleLift can be found below.

See IAB spec for more details on the US Privacy string.

Bid Request

To help convey the user choice (for opt out of sale) across the AdTech ecosystem and equip our partners with the right information TripleLift includes the "us_privacy" string as part of the bid request when it is provided by the publishers.

The format for sending the data is via the OpenRTB parameters as described in the IAB specs.

us_privacy string
Sent in the Regs object's ext.us_privacy parameter as shown below.

"regs": {
    "ext": {
      "us_privacy": "1YNY"
    }
  },

User Sync

When initiating a user sync with TripleLift, it's important to include the US Privacy string when it applies. We will use it to determine if the sync should proceed.

Below is an example of including the US Privacy string in the us_privacy parameter on a /getuid sync call:
https://eb2.3lift.com/getuid?redir=http%3A%2F%2Fyoursite.com%2FtlUid%3D$UID%26abc%3D456&us_privacy=1YYY

For more information see the User Sync page.

Updated over 1 year ago