About the California Consumer Privacy Act (CCPA)

IAB Cross Media Ad Effectiveness Study WEBINAR 35

Companies that do business in California, regardless of where they are located, must comply with the law if they exceed one of the following thresholds: (i) have annual gross revenues in excess of $25 million; (ii) buy, sell, or receive or share for commercial purposes personal information gathered from 50,000 or more consumers, households, or devices; or (iii) derive 50% or more of its annual revenues from “selling” consumers’ personal information.

Some questions remain about the precise meaning of the thresholds. For example, it is not specified whether “annual gross revenues” includes global revenues or only revenues from California.


Key Definitions
Personal Information
Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly . . .


You must be an IAB Member to continue reading.

To receive IAB member benefits, you must be employed by one of our member companies and have a verified business email address associated with your account.



If you have an IAB Portal account, please create a new account on iab.com and we will link to your records. If you're logged in and believe you are seeing this message in error, log out and try with another account or contact us about your company's membership status.

Contact [email protected] with press inquiries.