VAST macros / Identity and privacy

[REGULATIONS] VAST macro

Short answer: Active privacy regulations for the request (e.g. GDPR, COPPA, CCPA). Introduced in VAST 4.1.

What it means

A list of privacy regulations that apply to the request so downstream systems can apply the right handling. Complements the more specific [GDPR] and [GDPRCONSENT] signals.

Example value

After the player substitutes the macro, [REGULATIONS] becomes something like:

gdpr

gdpr

Where it is valid

Impression, tracking, click, and verification URLs.

Macros are case-sensitive and substituted only inside URL fields. A macro written in the wrong case, or placed where it has no defined value, is sent to the server as literal text instead of a value.

Using it in a tag

<Impression><![CDATA[https://t.example.com/i?val=[REGULATIONS]&cb=[CACHEBUSTING]]]></Impression>

<Impression><![CDATA[https://t.example.com/i?val=[REGULATIONS]&cb=[CACHEBUSTING]]]></Impression>

VAST XML fragment only. This excerpt belongs inside a complete VAST document, so standalone validation will fail until it is wrapped in a full <VAST>response.

Related vastlint rules

VAST-2.0-macro-unknown: URL contains a [MACRO] that is not a recognised IAB VAST macro
VAST-2.0-macro-lowercase: Recognised macro is not uppercase — players match macro names case-sensitively

Related macros

Validate your macros

vastlint flags unknown, mis-cased, deprecated, out-of-context, and unencoded macros in any tracking, click, error, impression, or media URL:

# CLI: exits non-zero on errors, ideal for pipelines
vastlint check creative.xml

# CLI: exits non-zero on errors, ideal for pipelines
vastlint check creative.xml

Use the right tool for this failure

If you already have the resolved XML, run a pure spec check. If you only have a live tag URL, test that endpoint first. If the failure happens in the wrapper chain, inspect each hop.

Validate this XML →Test this live URL →Inspect this wrapper chain →