The IAB Multi-State Privacy Agreement (MSPA) is an industry contractual framework intended to aid advertisers, publishers, agencies, and ad tech intermediaries in complying with five state privacy laws that will become effective in 2023 (in California, Virginia, Colorado, Connecticut, Utah). The MSPA is not a “model contract” or a template agreement; instead, it is a set of privacy-protective terms that spring into place among a network of signatories and that follow the data as it flows through the digital ad supply chain.
The MSPA works together with the IAB Tech Lab’s Global Privacy Platform, a uniform privacy signaling specification that allows companies to communicate and honor consumer choices throughout the ads ecosystem.
The MSPA does not contain any commercial terms, but instead supplements commercial contracts amongst signatories with required privacy terms; and where no commercial contracts exist, the MSPA provides the baseline set of privacy terms required by law. Further, while publishers and advertisers can use the MSPA to cover all of their digital ad transactions, the MSPA also provides them the flexibility to enter into separate agreements with their ad tech vendors for other transactions using independent privacy terms. Such transactions would simply not be MSPA “Covered Transactions.”
On December 1st IAB and IAB Tech Lab’s General Counsel Michael Hahn, IAB’s Assistant General Counsel Tony Ficarrotta, and IAB Tech Lab’s Senior Director, Privacy & Data, Rowena Lam presented the Path to State Privacy Law Compliance with the IAB MSPA webinar to discuss:
- Industry compliance challenges
- MSPA solutions to those challenges
- Obligations of MSPA signatories
- MSPA’s application to use cases
- How the MSPA leverages the IAB Tech Lab’s Global Privacy Platform
- What you need to do next to sign-up