Skip to main content

Prepare for CCPA Changes Impacting Facebook August 1st

By July 30, 2020August 18th, 2022Measurement & Attribution, News & Updates 5 Min Read

Kochava Consent Management Platform can help.

While it has been in effect since January 1st, 2020, enforcement for the California Consumer Privacy Act (CCPA) began in earnest on July 1st. Starting January 1st, Facebook has taken a conservative approach by acting as a service provider for all California data coming through its business tools. On June 22nd they introduced Limited Data Usage as a control for advertisers to tell Facebook to act in accordance with its role as a service provider, should they want Facebook to do so. To give businesses time to implement solutions and apply Limited Data Usage to all personal information shared about people in California they continue to act as a service provider by default and will do so through July 31. Starting August 1st a business will need to send the Limited Data Usage flag to Facebook in order for them to act in accordance with their role as a service provider. 

Advertisers now, more than ever, need to immediately integrate a consent management platform that will enable them to identify users who reside in California and prompt them with appropriate privacy dialogues, while also offering them the option to request their personal data not be sold. This will enable brands to operate, measure and optimize campaigns on Facebook for their consented California customers. 

Effective August 1st, Kochava will enable clients to use Facebook’s Limited Data Usage (LDU) flag that can be sent by MMPs or the Facebook SDK. A user is to be marked as LDU if a business wants Facebook to act as their service provider under CCPA. For LDU users, Facebook will continue restrictions on California Business Tools data from App Events via MMPs or Facebook SDK.

Some examples of users not designated as LDU may include but are not limited to:  

    1. The user provided consent to the ‘business’ to have their data sold
    2. CCPA does not apply to the ‘business’ sending the user conversion. Note: CCPA applies to a business only when one or more of the following conditions are true: 
      1. Business has a gross revenue greater than $25 million
      2. Business annually buys, receives, sells, or shares the personal information of more than 50,000 consumers, households, or devices for commercial purposes.
      3. Business derives 50 percent or more of its annual revenues from selling consumers’ personal information

By August 1st, Kochava will provide an option for clients whose business is not subject to the CCPA to override their Limited Data Usage flag on all user conversions sent to Facebook. This will indicate to Facebook that all users of that ‘business’ are available for ad targeting and campaign conversion claims. Contact your Client Success Manager or email if this applies to your business. 

Subsequently, Kochava will be updating its integration with Facebook to pass user-specific LDU status. Clients are encouraged to implement Intelligent Consent ManagerTM to prompt their users and capture the CCPA consent string, which will dictate the LDU status sent to Facebook. Thanks to its built-in consent management platform and strong partnership with Facebook, Kochava is uniquely positioned to help advertisers continue leveraging Facebook to reach and engage their California-based customers. 

If you have questions on the California Consumer Privacy Act, visit our CCPA FAQ

See Facebook documentation for developers