.svg)
As per our tradition, let's kick off 2026 with a comprehensive list of data privacy resources, articles, and materials to help you start the new year right.
For this edition we've prepared an even more thorough breakdown than ever before, covering everything from the very basics of data privacy to advanced guides, thought-provoking op-eds, and online webinars. Get your bookmarks ready!
Data privacy 101: Essential concepts for 2026
Let's start with some reading on essential data privacy concepts everyone needs to know about:
- 25 data privacy acronyms you should know
- What are dark patterns? (with examples)
- What is Privacy UX?
- What is a privacy policy (and how do I create one)?
- What is a Privacy Impact Assessment (PIA)?
- What is a Data Subject Access Request (DSAR)?
- What is consent fatigue?
- What is consent marketing?
- What is the difference between zero, first, second, and third-party data?
- What are Privacy Enhancing Technologies (PETs)?
Once you're familiar with these concepts, time to zoom in on consent management specifically.
Consent Management Platforms (CMP): Where to get started?
Here's a list to help you get a solid grasp on consent management and consent management platforms:
- CRM, CDP, DMP, CMP, PMP: What is the difference?
- Top 10 best CMPs
- Top 5 best enterprise CMPs
- The ultimate guide to consent banner formats
- Examples of cookie banners balancing compliance and user experience
- Migrating to Didomi from another CMP: How does it work?
Our Didomi CMP is a certified Google CMP partner with gold status, but to make sure our solutions are the right fit for your specific needs, we put together a guide covering everything you should know before making a decision on your consent management provider. Download it on our website:
{{how-to-select-the-right-cmp}}
Server-side tagging: Learning the basics
The next item you should learn about is server-side tagging, an innovative technology allowing organizations to face modern challenges surrounding data collection and activation:
- What is server-side tagging
- Complete server-side tagging glossary
- The future of tracking is server-side. Here's why
- Server-side tagging: 10 essential questions (and their answers)
- Server-side tagging vs. client-side tagging
- What is the impact of server-side tagging on consent management?
- The 7 best server-side tagging tools for 2026
We believe server-side tagging has an incredible potential for organizations, so much so that we acquired Addingwell, a leading server-side tagging solution. Learn more about the acquisition, and the history behind the company and server-side tagging as a whole, in our interview with Romain Baert, Addingwell's co-founder and CEO.
Managing regulatory compliance: Laws and frameworks
We've been helping our readers make sense of data privacy regulations for years, doing our best to help you more clearly sort through the often confusing patchwork of laws around the world, a trend that is not likely to slow down anytime soon.
In this section, you'll find useful guides to bookmark addressing country-specific laws, state laws in the U.S., and data privacy frameworks you can adopt.
Data privacy laws around the world
In our country guides article series, we cover the various regulations and intricacies of data privacy laws globally. Some of the country topics we have covered over the years (so far) include:
- 🇦🇺Australia data privacy laws
- 🇧🇪 Belgium data protection law
- 🇧🇷 Brazil LGPD
- 🇨🇦 Canada: PIPEDA / Law 25 / Bill C-27
- 🇨🇱 Chile privacy law
- 🇨🇿 Czech Republic cookie and consent regulations
- 🇪🇺 Everything you need to know about the GDPR in 2026
- 🇩🇪 Germany: German data privacy laws / German consent ordinance
- 🇮🇳 India Digital Personal Data Protection (DPDP) Act
- 🇮🇩 Indonesia Personal Data Protection (PDP)
- 🇮🇪 Ireland cookie consent regulation
- 🇮🇹 Italy privacy guidelines
- 🇯🇵 Japan Act on the Protection of Personal Information (APPI)
- 🇳🇱 The Netherlands privacy law
- Nordic countries: Overview / 🇳🇴 Norway cookie laws 🇩🇰 Denmark cookie laws / 🇫🇮 Finland cookie and consent regulations / 🇸🇪 Sweden data privacy laws
- 🇸🇬 Singapore Personal Data Protection Act (PDPA)
- 🇿🇦 South Africa Protection of Personal Information Act (POPIA)
- 🇰🇷 South Korea Personal Information Protection Act (PIPA)
- 🇪🇸 Spain cookie consent law
- 🇨🇭 Switzerland new Federal Act on Data Protection (nFADP)
- 🇬🇧 United Kingdom: United Kingdom data protection laws / Data (Use and Access) Act 2025 / ICO guidance on "Consent or Pay"
- 🇻🇳 Vietnam Personal Data Protection Decree (PDPD)
Disclaimer: While we try to keep all our content up to date and revisit articles often, be mindful that some of our older articles might be in the process of being updated. Always double-check information you find online and remember that our articles do not constitute legal advice.
Data privacy laws in the United States
Europe has been a trailblazer for data privacy, but the U.S. is quickly catching up, with a growing number of state laws, recurring rumors of a federal privacy law in the works, and enforcement picking up speed in 2025.
.png)
Our comprehensive guide to data privacy in the U.S. is updated regularly, and we have covered a number of state laws in detail (more coming soon):
- California: California Privacy Rights Act (CPRA) / California Consumer Privacy Act (CCPA) / California Delete Act
- Colorado Privacy Act (CPA)
- Connecticut Data Privacy Act (CTDPA)
- Delaware Personal Data Privacy Act (DPDPA)
- Florida Digital Bill of Rights
- Iowa Consumer Data Protection Act (CDPA)
- Montana Consumer Data Privacy Act (MTCDPA)
- Nevada privacy law
- New Hampshire Privacy Act (NHPA)
- New Jersey Data Privacy Act (NJDPA)
- Oregon Consumer Privacy Act (OCPA)
- Tennessee Information Protection Act (TIPA)
- Texas Data Privacy and Security Act (TDPSA)
- Utah Consumer Privacy Act (UCPA)
- Virginia Consumer Data Protection Act (VCDPA)
In addition to these law-focused guides, we also cover U.S.-centric topics to help you understand (and navigate) the unique patchwork and news coming out of North America:
- What are the four common ways to comply in the U.S.?
- Understanding sensitive personal information (SPI) in the U.S.
- The elusive federal privacy law: uncovering the potential role of U.S. Intelligence
- The EU-U.S. Data Privacy Framework (DPF): Where do we stand?
- What can you learn from Healthline’s $1.55M CCPA settlement?
- Navigating children's data privacy compliance in the U.S.
We are constantly releasing updates to our CMP to address the growing U.S. regulatory ecosystem, and have acquired Sourcepoint, a data privacy technology company with strong publisher market share, over 200 global enterprise customers, and a leadership with extensive experience in the U.S. Read our interview with Brian Kane, the company's co-founder and COO to learn more, and follow A Little Privacy Please, the weekly update from Julie Rubash, General Counsel and Chief Privacy Officer at Sourcepoint, to stay up to date with everything data privacy in the U.S.
Data privacy frameworks you should know about
Last but not least, compliance is made easier by the frameworks and standardization efforts put in place across our industry. Some of the most important you should know (and leverage) are:
- Transparency and Consent Framework (TCF) v2.3
- Google consent mode v2
- Microsoft UET consent mode
- Amazon Consent Signal (ACS)
- Global Privacy Protocol (GPP)
- Global Privacy Control (GPC)
Note that Didomi integrates with all these initiatives. Let us know if you have any questions.
Data privacy deep dives: Advanced topics and news
Let's go beyond the basics and look at some of the hottest privacy topics for 2026.
Advanced data privacy guides
For seasoned data privacy professionals, the devil is in the details and while you'll find the core of our more specific product guidance in our Help Center, our blog also regularly features deep dives worth exploring. Some readings we recommend for 2026 are:
- The role of AI technologies in privacy-first solutions: How we use AI in our products at Didomi
- How does consent management work for Connected TV (CTV)?
- Understanding how your CMP impacts your INP score and your Core Web Vitals
- How to reduce your vendor list?
- How to navigate the intersection of analytics and Privacy UX?
- Essential guide to mobile compliance
- What are consent analytics? (with use cases)
- What is the difference between a CDP and a PMP?
- Managing consent across domains and devices: How does it work?
- How to automate consent management with n8n?
- How to ensure the integrity of your consent flows?
- What is the digital stack every marketing team needs in 2025 and beyond?
- How to balance AI and data privacy?
- What are "Consent or pay" models?
- How to maximize media performance with offline conversion tracking?
If you're interested in digging even deeper about the state of consent globally, take a look at our yearly benchmark, where we share proprietary insights on consent performance in different countries, environments, CMP configuration, and more (the 2026 edition will be out in the coming weeks):
Data privacy in practice with our client case studies
The best way to grasp a concept is often to witness it in action, from inception to results. This is what we're offering with our large selection of case studies, co-created with trusted clients and partners over the years, across several industries, countries, and challenges. Here are the case studies we published in 2025:
- Webedia x Didomi: Centralized consent management for 130 mobile applications
- A premium online experience: Société des Bains de Mer partners with Welyft and Didomi
- How OPCO Santé increased its overall consent rate by 40% in less than a year
- How Booli manages user consent for its 1 million weekly users across Web and App environments
- Algeco & Dékuple: A successful data strategy supported by Didomi and Addingwell
- Europcar's strategy to gain up to +18% more consent and +12% more collected events.
- OUIGO x Yuri & Neil x Addingwell x Didomi: Combining performance, transparency & compliance
- How Chantelle gained +12% traffic and reached a 68% consent rate
This is of course only the most recent testimonials we published. Explore our full list of case studies to discover the work we conducted over the years with leading companies and teams around the globe.
Data privacy news you should know about
2025 has been an extremely active year, even by general standards for an industry that is constantly shifting and moving. To ensure you have everything you need to tackle 2026, read these:
- EU Digital Omnibus: Here's what you should know about the GDPR simplification project
- What can you learn from Healthline’s $1.55M CCPA settlement?
- Is the TCF illegal? A rational look at the IAB Europe vs Belgian APD situation
- Google Chrome is keeping third-party cookies after all: What does it mean?
- EU-U.S. Data Privacy Framework (DPF): Where do we stand in 2025?
- Withdrawal of consent: The underlying question in the CNIL's Orange decision
- Understanding the CJEU ruling on data controller accountability and pseudonymized data
- Does Google Tag Manager (GTM) require user consent? Breaking down the 2025 decision from Germany
- ICO review of UK websites’ cookie compliance: Everything you need to know
The best way to stay in the loop is to follow us on LinkedIn, where we share daily content on data privacy, and give the mic to experts, both in-house and external, to share their knowledge and experience.
Opinions and insights from data privacy pros
Our blog has grown over the years into a space where experts, both in-house and external, can take the stage and share their perspectives and insights on current trends, challenges, and the future of data privacy. Guest writers have covered topics from consent management to AI, U.S. privacy, and more in op-eds, guides, interviews, and webinars. Here are some of the great guest content we published in 2025:
- Can you collect analytics without user consent? Interview with Iron Brands, co-owner at Simple Analytics
- AI and privacy: What B2B decision-makers need to know by Irina Maltseva
- GDPR vs. reality: Data protection from theory to practice (2018-2025) by Samantha Buigné
- The Data Privacy Framework: doomed-by-design? by Thomas Adhumeau
- TCF ruling, May 14: Kafka, wearing a GDPR hoodie, spotted leaving the courtroom by Thomas Adhumeau
- How working in privacy changed the way I think about my own data by Irina Maltseva
- Privacy is dead. Long live privacy! by Brian Eckert
- CNIL’s pixel proposal: Summertime buzzkill for privacy professionals by Thomas Adhumeau
- GDPR, data governance, and why it's never 'just a log' by Adriano Sanges
- Atlas browser by OpenAI: The end of free consent? by Thomas Adhumeau
- Privacy Next: A certain story of the future by Aurélien de Oliveira
- Omnibus project: Chronicle of a European imaginary invalid by Thomas Adhumeau
If you have something to contribute, please reach out! The team would be happy to read your pitch and consider you for a spot on our blog. And if you want to watch more expert content in video format, check out our top data privacy webinars for 2026, including our number one digital event of the year, a discussion with Max Schrems on the next chapter of data privacy:
What's next? Continue learning about data privacy in 2026
We hope you find this list of data privacy resources useful and will be able to leverage them in the year ahead. To continue learning about data privacy this year, you have options:
- Follow us on LinkedIn
- Discover our Didomi academy (available for customers and partners)
- Browse our webinars
- Sign up for our email and LinkedIn newsletter
Lastly, our formal 2026 predictions are coming: we asked a panel of world-class privacy experts what they anticipate will be the biggest privacy topics to watch out for the upcoming, and we're releasing it all in an article in the coming weeks. Stay tuned!
.avif)
