Explore. Learn. Grow.

The Virginia Consumer Data Protection Act was the second US state-level privacy law passed, in effect from January 1, 2023. It establishes consumers’ rights and companies’ responsibilities, and has been influential over subsequent data privacy laws passed in other states.

The Oklahoma Consumer Data Privacy Act takes effect January 1, 2027, bringing opt-out requirements for data sales and targeted advertising, affirmative consent for sensitive data, and AG-only enforcement with a permanent cure period. Oklahoma’s obligations closely track Virginia and Texas frameworks—but its narrower “sale” definition and absence of GPC support create specific operational considerations to address before the effective date.

California’s Age-Appropriate Design Code Act (CAADC) brings core obligations that include privacy by default, data minimization, dark pattern restrictions, and impact assessments for children’s data. Businesses that handle data from minors need to understand what the CAADC requires, where it stands legally, and what companion obligations are already in force.

Collecting personally identifiable Information (PII) from users is the backbone of data analytics in most organizations. Depending on the business purpose, PII ranging from email addresses to health records can help deliver services, build relationships, and enable more personalized experiences. This guide provides a PII compliance checklist to help you protect user data and avoid regulatory fines from global data privacy regulations.

Usercentrics is opening its North American headquarters in New York City, marking a major step in its U.S. expansion. Already trusted by 2.4 million websites worldwide, the global consent and data privacy leader is now bringing its full suite — spanning cookie consent, server-side tracking, AI governance, and audience activation — to U.S. marketers and enterprises.

The CCPA doesn’t mandate a cookie banner, but one remains the most practical way to meet its notice and opt-out requirements. The 2026 updates tighten the rules: clear notice and opt-out options, GPC signal confirmation, and a ban on dark patterns. This guide covers what changed, who must comply, and how to build a compliant banner.

The Global Privacy Platform (GPP) enables publishers to signal consent and preference information obtained from users to third parties. This IAB initiative helps publishers evolve their compliance efforts and stay ahead of the rapidly evolving privacy landscape in a cost- and resource-friendly way.