This topic deep dives into the different MSPA signals and how to understand them. The MSPA consists of privacy-protective terms that activate among a group of signatories and accompany the data as it moves through the digital advertising supply chain.
The Multi-State Privacy Agreement (MSPA) is a contractual framework developed by the IAB, inspired by its limited-service provider agreement, to help companies in the online advertising supply chain comply with evolving U.S. state privacy laws.
Introduced on December 1, 2022, the MSPA facilitates the exchange of consent signals via the IAB Tech Lab’s Global Privacy Platform (GPP). This standardized privacy signaling protocol enables companies to honor consumer choices across the digital advertising ecosystem.
The MSPA supports compliance with data privacy laws of the fifteen states that are currently in effect. For more information, see US Regulations under GPP.
By standardizing privacy-related terms between advertisers, publishers, agencies, and ad tech intermediaries, the MSPA either complements existing commercial contracts or serves as a legal baseline where none exist. While the MSPA can cover all digital advertising transactions for a given party, it also allows for flexibility, enabling participants to enter into separate agreements with different privacy terms for transactions outside the scope of the MSPA, referred to as non-Covered Transactions.
For your convenience, we've organized the 15 U.S. states currently under GPP alphabetically and outlined the technical implementation of each consent covered under the MSPA.
For transactions covered under MSPA, First Parties (publishers and advertisers) have the option to operate either in Service Provider Mode or Opt-Out Option Mode. Service Provider Mode is for signatories refraining from "selling," "sharing," or processing personal information for "targeted advertising."
For more information on each Mode, see Technicalities of MSPA.
As numerous state privacy laws come into effect, publishers face the decision of whether to navigate compliance on a state-by-state basis or implement the strictest data usage standards across their entire business nationally. The MSPA guides both approaches.
State-specific privacy laws are applicable based on the consumer's residence, not the location of the company or its partners. Implementing processes on a state-by-state basis can be challenging, making a national approach organizationally simpler.
Opting for a national approach eliminates the need to determine a consumer's location. The MSPA's national approach adheres to the highest common denominator for compliance. For more details on the national and state approaches, see What is a Regulatory Path?
By installing this SDK update, you agree that your Children Privacy Compliance setting remains accurate or that you will update that setting, whenever there is a change in your app's audience. You may update the app's Children Privacy Compliance settings at https://publisher.inmobi.com/my-inventory/app-and-placements.
Support Center
