As more and more U.S. states introduce stricter privacy laws to stay competitive with EU and other countries' data privacy regulations it is important that you make sure your cookie, third party services, and advertising settings stay up to date with these changes.
Currently, 20 U.S. states have enacted consumer data privacy laws that rival the EU's GDPR in their comprehensiveness. In January 2025, five more states are following suit.
Please visit this document for more information on cookie consent and your form options for allowing users to opt in or out: Embedding Cookie / Compliance Code in Metro Publisher.
While there are no federal laws regulating the use of cookies in the U.S. at this time, some state-level laws such as the California Consumer Privacy Act (CCPA) and Virginia Consumer Data Protection Act (CDPA) consider the information collected via cookies to be protected personal information.
Keep in mind that in addition, public websites are accessible from anywhere in the world unless you restrict viewing to local readers, meaning GDPR rules may apply.
NOTE: The user information gathered on the User-submitted Events Form constitutes personal information under the EU GDPR, and United States state-level laws may define it the same way. You have the option to change the default text on that form to clearly state that users may contact you at any time and request their data be deleted.
In order to fully delete personal information submitted by users on the User-submitted Events Form, the event that was submitted by that user must also be deleted. We recommend you add that information to the default text.
Please be sure to also adjust the default text for Comments via Admin > Settings > Default Texts for GDPR and potentially U.S. state-level law compliance, since you are collecting the entered names and email-addresses. Readers should be able to contact you and request their comments be deleted at any time.
Google Ad Manager recently informed GAM customers of their current data processing and data protection terms, including information on accounts using restricted data processing, and has dedicated help documentation on the topic here:
- US states privacy laws guidance
- About US state regulations messages
- Tag your site with GPT to display messages
- Create a US state regulations message
- Report on US state regulations messages
In addition, Google is updating its general Platforms Program Policies and Publisher Policies as of February 2025. Part of this update includes guidelines for privacy disclosures:
You must disclose clearly any data collection, sharing and usage that takes place in connection with your use of Google products, including information about the technologies used, such as your use of cookies, web beacons, IP addresses, or other identifiers. This applies for data collection, sharing and usage on any platform, surface or property (e.g., web, app, Connected TV, gaming console or email publication). To comply with this disclosure obligation with respect to Google's uses of data, you have the option to display a prominent link to How Google uses information from sites or apps that use our services.
Google also offers some help with the EU user consent policy.
For any other Ad Serving you may be running on your website, including Broadstreet, please be sure to reach out to your service provider to ensure your account settings comply with current U.S. (and international) privacy laws.
Comments