NAI 2016 Annual Compliance Report FAQs
1. What is the annual NAI compliance Report?
The NAI and its members invest enormous resources towards working to ensure that consumer choices are honored and data privacy is respected through a rigorous compliance and robust enforcement process. The report provides to the public the results of the NAI’s compliance program each year. Through publication of this report, consumers, regulators and others gain visibility into the NAI’s compliance program and self-regulatory process. NAI leverages the findings of the report to further strengthen its self-regulatory program.
2. What information is included in the NAI Compliance Report?
The report provides a summary of the NAI staffs’ findings from our compliance monitoring processes of our 108 member companies during the 2016 period (January 1, 2016, to December 31, 2016). This includes investigations and, when applicable, enforcements conducted during that time period.
3. The Compliance Report does not cite any members for noncompliance. Is that because the NAI staff did not find any violations of the Codes?
No. The report shows that NAI staff found that some member companies had various non-material violations of the Codes as a result of the organization’s robust monitoring program. These violations included malfunctioning privacy links and privacy disclosures that may not have provided adequate information regarding data collection and use in mobile applications. However, members actively worked with NAI staff during the course of the year to ensure that these issues were resolved quickly. NAI did not find any material violations of the Code during the 2016 compliance review period. Material violations are willful and/or very serious violations of our Codes, such as failure to provide consumer choice for an extended period of time, deliberately misleading statements in disclosures, failure to implement NAI guidance document requirements, or refusal to cooperate with NAI staff.
4. If no sanctions are listed in the Report, why do you claim that NAI has a robust compliance program?
NAI's rigorous compliance approach encourages collaborative dialogue between NAI staff and its members that creates a comprehensive, disciplined partnership that enhances the overall health of the digital advertising ecosystem and benefits consumers. NAI is a membership organization, and therefore its impact, and the benefit to consumers, increase as more companies join and sign up for self-regulation. Issues are resolved promptly, before they turn into larger problems affecting greater numbers of consumers. That is self-regulation at its best.
5. What is new in the 2016 report?
NAI began regulating Cross-App Advertising (CAA) through enforcement of its Mobile Application Code (App Code) in 2016. The Compliance Report shows that NAI found that all member companies provided an Opt-Out mechanism for CAA. However, some of these mechanisms needed improvements and/or more comprehensive opt-out instructions. In turn, NAI worked closely with member companies to draft improvements where needed. In cases where members did not initially provide all necessary disclosures in the App Code in a clear manner to consumers, NAI took additional steps to educate members regarding required and suggested disclosures pertaining to advertising identifiers on mobile devices, the choice mechanisms available on mobile platforms and location data, resulting in considerable improvement in mobile-specific disclosures throughout the year.
6. What is on the horizon for NAI in 2017?
NAI intends to leverage the findings of the Annual Compliance Report to further strengthen our self-regulatory program. In 2017, the NAI began enforcing two new guidance documents, addressing the use of Non-Cookie Technologies in web browsers, and Cross-Device Linking for IBA and CAA purposes. The 2017 compliance reviews include these guidance documents, and companies will be held accountable for meeting these requirements. From a policy perspective, NAI is conducting advance work with its members and industry stakeholders to examine terminology, including the continuing relevance of the Non-Personal Identifiable Information (non-PII) and Personal Identifiable Information (PII) distinction. As data collection and use for targeted advertising on connected TVs becomes more prevalent, NAI is also actively working to draft Guidance addressing this new ecosystem. NAI is also continuing to develop, expand, and improve its suite of technical monitoring tools in both web and mobile application environments.
See the full press release here.