IP Geolocation granularity impacts regulatory and contractual use cases

[miketaylr]

Originally filed at spanicker/ip-blindness#21 by @smhendrickson

In addition to the targeting use cases described in spanicker/ip-blindness#20, IP Geolocation may also be used for regulatory and contractual requirements. Will the Geo granularity described create any anticipated difficulties in meeting regulatory needs?

There is some existing conversation in the original thread w/ @dmdabbs and @patmmccann, but let's continue the topic here.

[dmdabbs]

I was watching the older spanicker repo but did not know about this one. Thank you for the ping @miketaylr.

[patmmccann]

Thanks, one other note, simply calling the topics api, which provides it training data, or setting a fledge interest group, likely constitutes a data sale under California and other state law, as IAB MSPA training material indicates similar activities do.

If an entity is making one of these js calls unaware of the real user jurisdiction because chrome has misled it on applicable law, perhaps chrome should make sure to suppress the illegal set interest group or topics api calls.

Suppose for example, a publisher knows the law requires them to notify users that entities call the topics api, which most seem to believe is a sale under various state laws. Suppose further the notice is crafted to the particular state, and that the user happily opts in, or fails to opt out. Well if the notice was crafted to the wrong state's notification laws, it may render the consent void.

[bmayd]

We use geolocation for making decisions related to contractual and regulatory compliance and need to be able to map interaction sources to jurisdictions and legal boundaries (generally states).