The best data privacy resources for 2025

Every January, we put together a comprehensive list of data privacy resources, articles, and materials to help you start the year on the right foot.

‍

This year, we have a particularly complete selection, giving you everything from essential readings on basic data privacy concepts to advanced guides, thought-provoking opinions, and webinars. Get your bookmarks ready!

‍

Data privacy 101: Essential concepts for 2025

Let's start with some basic reading on essential data privacy concepts you need to know about:

• What are dark patterns? (with examples)
• What is Privacy UX?
• What is a privacy policy (and how do I create one)?
• What is a Privacy Impact Assessment (PIA)?
• What is a Data Subject Access Request (DSAR)?
• What is consent fatigue?
• What is consent marketing?
• What is the difference between zero, first, second, and third-party data?

These cover a wide range of topics that are bound to come up again and again this year. Once you're familiar with these concepts, digging down specifically on consent management is a good next step.

‍

Consent Management Platforms (CMP): Where to get started?

These articles cover everything you need to know about consent management and consent management platforms:

• CRM, CDP, DMP, CMP, PMP: What is the difference?
• Top 10 best CMPS for 2025‍
• The ultimate guide to consent banner formats
• ‍Consent collection in Europe: 2024 benchmark‍
• What are consent analytics? (with use cases)
• Examples of cookie banners balancing compliance and user experience

Our Didomi CMP is a certified gold-tier Google partner, but to make sure it's the right fit for your specific needs, we put together a guide covering everything you should know before making a decision on your consent management provider. Download it for free on our website:

Managing regulatory compliance: Laws and frameworks

Compliance is an important aspect of the data privacy conversation, and we strive to help our readers, clients and partners see more clearly through the often confusing patchwork of regulations around the world. Here are some useful guides to bookmark.

‍

Data privacy laws around the world

In our country guides article series, we cover the various regulations and intricacies of data privacy laws globally. Some of the country topics we have covered over the years (so far) include:

• 🇦🇹 Australia data privacy laws
• 🇧🇪 Belgium data protection law
• 🇧🇷 Brazil LGPD
• 🇨🇦 Canada PIPEDA, Law 25 and Bill C-27
• 🇨🇿 Czech Republic cookie and consent regulations
• 🇩🇰 Denmark cookie laws
• 🇫🇮 Finland cookie and consent regulations
• 🇩🇪 Germany data protection laws
• 🇮🇳 India Digital Personal Data Protection (DPDP) Act
• 🇮🇩 Indonesia Personal Data Protection (PDP)
• 🇮🇪 Ireland cookie consent regulation
• 🇮🇹 Italy privacy guidelines
• 🇯🇵 Japan Act on the Protection of Personal Information (APPI)
• 🇳🇱 The Netherlands privacy law
• 🇳🇴 Norway cookie laws
• 🇸🇬 Singapore Personal Data Protection Act (PDPA)
• 🇿🇦 South Africa Protection of Personal Information Act (POPIA)
• 🇰🇷 South Korea Personal Information Protection Act (PIPA)
• 🇪🇸 Spain cookie consent law
• 🇸🇪 Sweden data privacy laws
• 🇨🇭 Switzerland new Federal Act on Data Protection (nFADP)
• 🇬🇧 United Kingdom data protection laws
• 🇻🇳 Vietnam Personal Data Protection Decree (PDPD)

Disclaimer: While we try to keep all our content up to date and revisit articles often, be mindful that some of our older articles might be in the process of being updated. Always double-check information and remember that our articles do not constitute legal advice.

‍

How to navigate data privacy in the United States?

If Europe has been leading the charge in terms of privacy regulation since GDPR, the U.S.has also become a vibrant player in the space, with a lot of activity and the possibility of a federal law always lurking around the corner.

‍

Our comprehensive guide to data privacy in the U.S. is updated regularly, and we have written about a number of state laws in details:

• California Privacy Rights Act (CPRA) and California Consumer Privacy Act (CCPA)
• Colorado Privacy Act (CPA)
• Connecticut Data Privacy Act (CTDPA)
• Delaware Personal Data Privacy Act (DPDPA)
• Florida Digital Bill of Rights
• Iowa Consumer Data Protection Act (CDPA)
• Montana Consumer Data Privacy Act (MTCDPA)
• Nevada privacy law
• New Hampshire Privacy Act (NHPA)
• New Jersey Data Privacy Act (NJDPA)
• Oregon Consumer Privacy Act (OCPA)
• Tennessee Information Protection Act (TIPA)
• Texas Data Privacy and Security Act (TDPSA)
• Utah Consumer Privacy Act (UCPA)
• Virginia Consumer Data Protection Act (VCDPA)

In addition to these law-focused guides, we have published about a lot of U.S.-centric topics to help you understand (and navigate) the unique patchwork that is U.S. data privacy:

• What are the four common ways to comply in the U.S.?
• The American Privacy Rights Act (APRA): Everything you need to know
• The prospect of a federal privacy law in the U.S.: What could change in 2025?
• The elusive federal privacy law: uncovering the potential role of U.S. Intelligence
• Understanding Sensitive Personal Information (SPI) in the U.S.

We have recently released a significant update to our CMP to support for more regulations in the United States, along with extra features for organizations looking to comply in the U.S. To learn more, head to our guide (including an up-to-date map and tracker):

{{us-map-link}}

Data privacy frameworks you should know about

Last but not least, the regulatory ecosystem wouldn't be what it is with frameworks and standardization efforts by various players that make it easier for organizations to comply. Some of the most important you should know are:

• The Transparency and Consent Framework (TCF)
• Google consent mode
• ‍Microsoft UET consent mode‍
• Global Privacy Platform (GPP)‍
• Global Privacy Controls (GPC)

A good understanding of these initiatives will be critical to navigate your data privacy requirements. Note: Didomi integrates with each of them. Let us know if you have any questions.

‍

Data privacy deep dives: Advanced privacy topics and news

Now that we've covered the essentials as well as some compliance groundwork, let's look at some of the hot topics of privacy.

‍

Hot data privacy topics you should know about

Here are some of the most vibrant topics of the past years which are guaranteed to continue to spill ink in 2025 (more on that later in the article):

• Learn more about Google and its ever-allusive 3rd-party cookie deprecation plans‍‍
• Alternatives to third-party cookies: Server-side, universal ID solutions, or data clean rooms‍
• How to balance AI and data privacy?‍
• What are "Consent or pay" models?
• Is Spain leading the way regarding paywalls in Europe?

We share daily guides and data privacy news on social media, make sure to follow us on LinkedIn to stay up to date with the latest hot topics.

‍

Deep dive in advanced data privacy topics

Beyond the news cycle, some topics are worth digging into if you want to explore data privacy further and deepen your understanding of the field. Some readings we recommend are:

• How does consent management work for Connected TV (CTV)?
• What is the difference between server-side and client-side tagging?
• Understanding how your CMP impacts your INP score and your Core Web Vitals
• ‍How to reduce your vendor list?
• How to navigate the intersection of analytics and Privacy UX?

Every year, we publish a thorough data privacy benchmark, showcasing proprietary insights on consent performance in different countries, environments, CMP configuration, and more. Check out our latest edition and stay tuned for the 2025 benchmark coming soon:

Hear from our clients with Didomi case studies

Who better to talk about sound consent management practices and how Didomi can help than our clients themselves? We have been lucky to build fruitful, lasting relationships with a number of our clients, across several industries, who were eager to share their experiences:

• How did La Philharmonie de Paris deploy a CMP on its digital environments?
• How did Didomi support its partner URSA Marketing in tackling the challenges of Law 25 in Canada?
• How does CPEx collect user consent across 300 websites?
• Webedia x Didomi: Centralized consent management for 130 mobile applications

Tired of reading? Check out our video case study with ING Spain, one of the leading banking institutions in the country, where the team explains how they leveraged Didomi to build a comprehensive, unified consent strategy:

Learn from the experts: Opinions and insights from data privacy pros

Something we're particularly proud of at Didomi is our ability not only to have built a team of privacy experts and talents, but also to team up with other industry experts to share valuable perspectives and insights on current trends, challenges, and the future of data privacy. Some standout articles from last year you should read include:

• ‍The traceability of consent: Pillar of transparency and prerequisite for information sharing?
• Rethinking employee upskilling for the future of privacy and AI compliance
• Connected TV (CTV) in Europe: A closer look at privacy and identity
• What’s next for third-party cookies? An update from our CEO

One of the standout events of 2024, with plenty of insights and relevant discussion for 2025, was our discussion with Max Schrems on the future of user content. If you missed it, you can find the recording online:

‍

‍

‍What's next? Data privacy topics to watch out for in 2025

Finally, our team has already started to cover what we believe will be the main topics for the upcoming year. If you must pick 6 articles from the whole post to get ready in 2025, read these:

• The end of third-party cookies in Google Chrome and what alternatives to consider‍
• Understanding the CNIL recommendation on mobile apps for 2025‍
• AdTech companies must start actively monitoring their partners compliance. Here’s why.‍
• The prospect of a federal privacy law in the U.S.: What could change in 2025?‍‍
• What is Financial Data Access (FiDA), and how to get ready? ‍
• What is server-side tagging?

On that last point, watch the following video to learn about server-side tagging from our Chief Privacy Officer, Thomas Adhumeau:

‍

‍

Continue learning about data privacy in 2025

We hope you find this list of data privacy resources useful and will be able to leverage some of it in 2025. To continue learning about data privacy this year, you have several options:

• Follow us on LinkedIn
• Discover our Didomi academy (available for customers and partners)
• Watch our webinars
• Sign up for our email or LinkedIn newsletter  

Lastly, do you have a data privacy opinion or expertise to share? We're opening slots for blog contributors and are always eager to collaborate with talented data privacy professionals.

‍

{{become-a-contributor}}