The term “targeted advertising” is defined relatively consistently between and among modern U.S. data privacy statutes with the noticeable exception of California which deviates somewhat in the California Privacy Rights Act’s (CPRA) definition of the similar term “cross-context behavioral advertising” by omitting any reference to tracking a person over time, or making predictions about a
Most modern U.S. data privacy statutes require companies to allow data subjects to opt out of having their personal information used for targeted advertising. As the following chart indicates, the term “targeted advertising” is defined consistently between and among most state statutes with the noticeable exception of the California Consumer Privacy Act (CCPA) and its
Modern state privacy statutes require that organizations provide individuals with the ability to opt out of targeted advertising. While the substance of the opt-out right is similar between and among states, state statutes differ in how they mandate the conveyance of the opt-out right. While all state statutes require that an explanation of the right
The Virginia Consumer Data Protection Act, which is scheduled to go into effect in 2023, states that a consumer has the right to “opt out of the processing of the personal data for purposes of [] targeted advertising . . . .”1 Unlike other state statutes, such as the CPRA, the Virginia Consumer Data
The Colorado Privacy Act, which is scheduled to go into effect in 2023, states that a consumer “has the right to opt out of the processing of personal data” for the purposes of “targeted advertising.”1 Unlike other state statutes, such as the CPRA, the Colorado Privacy Act does not contain an exemption for situations