Overview

The California Consumer Privacy Act (CCPA) was enacted to provide California consumers with greater transparency and control over their personal information.

Initially prompted by regulation in the California Consumer Privacy Act (CCPA), the IAB's US Privacy String were created to support compliance with the CCPA. For more information, consider reviewing the following IAB CCPA's resources:

Implement the US Privacy String

Prerequisites

In order to set up US Privacy String on your app, you will first need to follow the setup guidance for Configuring the CCPA US Privacy String in your OneTrust tenant.

How It Works

With this latest implementation, there is no SDK code for the app to call to initialize or set the IAB US Privacy String. The SDK handles it automatically based on the configuration in the OneTrust tenant.

Access the US Privacy String

Per IAB Standards, the US Privacy String is saved to UserDefaults under the IABUSPrivacy_String key.

ccpa = m.global.IABUSPrivacy_String

Please note that if your application is configured with a single geolocation rule, OneTrust will save and update the IAB CCPA values for every location, regardless of the value provided for geolocation. This is because the OneTrust SDK does not make a geolocation API call when only one geolocation rule exists and we will be unable to determine which location to apply the IAB CCPA updates to.

When a User Withdraws Consent

Calling this method will:

Update the US Privacy String to indicate the user has opted-out of the sale of personal information
Broadcast the change to your app to alert 3rd party vendors of the change

m.global.OTsdk.callFunc("optOutOfSaleOfData");

When a User Gives Consent