Key Compliance Requirements for Device Data Handling
When portable electronic devices collect, process, or disclose information that can identify or infer a user's precise location—such as through GPS, Wi-Fi, or cellular data—specific obligations apply. Entities must provide clear disclosures to users, typically via interstitial or instant notifications, explaining how their data may be used, including for purposes like ad personalization, analytics, or attribution, and whether it might be shared with partners. Obtaining explicit consent from end-users before any collection, processing, or disclosure is mandatory. Additionally, such information must be transmitted to Google in encrypted form or through encrypted channels, and all applicable privacy policies must detail the methods of collection, processing, and public sharing of this data.
Special Considerations for Children's Privacy
The Children's Online Privacy Protection Act (COPPA) imposes strict rules if Google advertising services are used on apps, websites, or site sections covered by the law. Publishers must inform Google of these COPPA-covered properties via Google Search Console, use the AdMob SDK to tag relevant ad requests, or mark their site, app, or ad requests as directed at children. Importantly, interest-based advertising services, including remarketing, cannot be used to target activities of users known to be under 13 years of age, or activities on sites aimed at children under 13.
Advertising and Content Standards
Google's policies prohibit displaying ads on pages that violate its web search spam policies or contain misleading experiences. Screens showing Google ads must not include malware—such as viruses, ransomware, or spyware—or unwanted software that fails to disclose functionality, bundles programs without user knowledge, or makes uninstallation difficult. Ads must also comply with the Better Ads Standards; non-compliant ad experiences are not permitted. On domains using ads.txt, Google ads cannot be shown unless the seller is authorized in the ads.txt file. For multi-publisher setups, the parent entity must ensure child domains promptly add ads.txt files listing the parent as an authorized seller.
Sanctions and Restricted Regions
Google adheres to U.S. sanctions enforced by the Office of Foreign Assets Control (OFAC) and other applicable regulations. Consequently, publishers from certain regions—including Crimea, Cuba, the so-called Donetsk People's Republic (DNR) and Luhansk People's Republic (LNR), Iran, North Korea, and Syria—are ineligible to use Google publisher products.
Advertising Integration and Placement Rules
For search advertising, each user action (like a click or scroll triggering more results) should generate only one search ad request. Ads must be clearly labeled and distinct from search results, and they should not be incentivized. AdSense search ads cannot be mixed with other Google ad units like AdSense content ads or AdMob ads in the same placement. On desktop sites, up to three ad units are allowed per results page, plus a link unit and one additional content ad unit. Ads should not outnumber organic search results, and their space should not exceed one-third of the results area without scrolling. On mobile and tablet sites, a maximum of two ad units is permitted, with no more than one visible unit at a time and up to three ads per unit.
| Policy Area | Key Requirement | Applicable To | Best Practices | Common Pitfalls |
|---|
| Location Data | Obtain explicit consent before collection | Devices using GPS/Wi-Fi/cellular data | Use clear notifications; encrypt data transfers | Failing to disclose data sharing with partners |
| COPPA | No interest-based ads for under-13 audiences | Sites/apps targeting children | Tag ad requests appropriately in AdMob SDK | Using remarketing on child-directed content |
| Ad Standards | Comply with Better Ads Standards | All ad-supported content | Review Coalition for Better Ads guidelines | Displaying intrusive ad formats like pop-ups |
| ads.txt | Authorize sellers in ads.txt file | Domains using ads.txt | Regularly update files; verify partner domains | Unauthorized sellers displaying ads |
| Sanctions | Avoid business in embargoed regions | Global publishers | Check OFAC lists before partnerships | Operating in prohibited regions like Iran or North Korea |
| Search Ads | One ad request per user action | Search result pages | Keep ads distinct from organic results | Mixing ad types or incentivizing clicks |
Actionable Guidance for Compliance
To maintain compliance, regularly audit your data collection practices and ensure privacy policies are transparent. Implement robust consent mechanisms for location data, and avoid any advertising tactics that target minors inappropriately. Adhere to technical standards for ad placement, particularly on mobile interfaces where space is limited. Finally, verify that all business activities align with U.S. sanctions to prevent access issues with Google's publisher tools.
研究の知恵