UniConsent
The New York Attorney General's Office recently issued a Guide for Website Privacy Controls in mid-July. Although New York lacks a specific consumer data privacy law, the office asserts that existing consumer protection laws require truthful and non-misleading representations about consumer privacy. This guide is designed to correct common mistakes businesses make when using tracking technologies on their websites.
New York Attorney General Releases Guidelines for Website Privacy Controls
The Attorney General's Office conducted a detailed analysis of cookie activity on various websites. Following the investigation, 13 websites were notified of issues with cookie tracking activity. All identified issues were subsequently resolved.
The guidance outlines six common errors companies make when deploying tags and tracking technologies:
Uncategorized or Miscategorized Tags and Cookies:
Improper configuration of consent management tools, such as those provided by UniConsent, can result in marketing cookies not being deactivated as expected.
Misconfigured Consent-Management and Tag-Management Tools:
Inconsistencies between these tools prevent cookies from being deactivated when a user opts out.
Use of Hardcoded Tags:
The use of hardcoded tags does not respond to consent management tools.
Misunderstanding Services like Meta’s Limited Data Use:
Companies often misunderstand how these services work in states without comprehensive data privacy laws.
Incomplete Understanding of Tag Data Collection:
Businesses lack a full understanding of how tags collect and use data.
Cookieless Tracking Technologies:
The use of cookieless tracking technologies passes data to advertising companies without consent to the control of management tools.
To comply with New York's consumer protection laws, the guidance highlights three main issues:
Accuracy of Privacy Control Statements:
Ensure the privacy controls stated in cookie pop-ups and privacy statements are accurate.
Avoid Misleading Language:
If the cookie is already in use at the time of the user's visit, do not give the impression that the user's consent is required before deployment.
Non-Misleading User Interface:
Ensure that cookie-management tools don't use confusing interfaces (i.e., dark patterns).
The guidance provides several "dos" and "don'ts" for privacy-related disclosures and controls:
Dos:
Provide separate "Accept" and "Decline" buttons of the same size, color, and emphasis.
Don’ts:
Avoid using unclear buttons, such as an "X" that users may interpret as rejecting cookies.
Guidance from the New York Attorney General adds to the growing complexity of effectively deploying consent management tools and cookie pop-ups. Businesses must also consider state consumer data privacy laws, litigation risks (e.g., California Invasion of Privacy Act lawsuits), and international requirements. New York State’s lack of state-specific data privacy laws, combined with this guidance, makes compliance even more complex.
To meet requirements in this guideline, UniConsent provides a robust set of compliance configurations, including:
UniConsent's technical support ensures seamless configuration and deployment of consent management tools, helping enterprises avoid common pitfalls and ensure compliance with various privacy regulations.
By leveraging UniConsent's solutions, businesses can ensure that their tracking technology and privacy controls are configured correctly, transparently, and user-friendly to meet the expectations set by the New York Attorney General's guidance and other applicable privacy laws.
UniConsent is a part of Transfon's privacy-first User Experience Platform that serves tens of millions of users per day to provide a seamless privacy experience for both users and publishers in the age of post GDPR. Contact us to know more: hello@uniconsent.com
Activate Google Consent Mode UniConsent to enhance the accuracy of your Google Analytics and Google Ads conversion data.
Set up Google Consent Mode →Commencez à rendre votre site web et votre application conformes au RGPD de l'UE, au CPRA des États-Unis, au PIPEDA de la CA, etc.
S'inscrireCanada: Aperçu du Commissaire à la protection de la vie privée du Canada sur la lutte contre les motifs de conception trompeurs
Lignes directrices de Noyb sur le motif sombre de la bannière de cookies 2024
Nouveau changement de confidentialité des données de Google en juillet 2024
Lois Américaines Sur la Confidentialité Des Données de 2024: Principales Mises à Jour ET Modifications
Mises à Jour de Google Sur la Confidentialité Des Données Pour Les éTats-Unis 2024: Ce Que Vous Devez Savoir
Google Certified CMP : Mise en œuvre de Google Certified CMP pour AdSense, Ad Manager et AdMob
Commencez à rendre votre site web et votre application conformes au RGPD de l'UE, au CPRA des États-Unis, au PIPEDA de la CA, etc.
S'inscrire