The Largest Digital Marketing Community Worldwide | Become a Member

    2. /
    3. International Association of Digital...
    4. /
    5. ‘Like an atomic bomb’:...

‘Like an atomic bomb’: So what now for the IAB’s GDPR fix after regulator snafu? | International Association of Digital Marketing Professionals (IADMP)

‘Like an atomic bomb’: So what now for the IAB’s GDPR fix after regulator snafu?

Aaron February 3, 2022

By Seb Joseph

The guardrails the ad industry erected to maintain its compliance with Europe’s wide-ranging data protection law aren’t able to actually do so, according to data protection watchdogs — led by the Belgium Data Protection Authority. The consequences of this ruling could throw a significant wrench in how data is collected — and who is responsible for fixing the issue.

Furthermore, those guardrails, known as the “Transparency & Consent Framework” (TCF), were found by the watchdogs to be unlawful.

Simply put, the popups asking people for consent whenever they land on a site are illegal.

That means all data collected via those popups from more than 1,000 companies including Google and Amazon must be deleted as a result. Nixing it all presents massive logistical and technical challenges, like how to verify the data and whether the data is actually deleted.

Needless to say, advertisers, publishers and everything in between will need to assess their reliance on the framework immediately. Being as many of those businesses paid IAB Europe for this utility, it could put the trade group in an awkward position.

So it will be interesting to see if — and to what extent — they try to indemnify the trade body for costs involved and damages incurred, said Ruben Schreurs, group chief product officer at Ebiquity.

The ramifications of this ruling are monumental.

Take retargeting, for example. Large swathes of it could be illegal if ads run on sites where TCF is employed. The level of precise engineering and quality assurance needed to fix issues like this would be unprecedented. Not least because data gained from TCF is ubiquitous to the point where it’s woven into the very fabric of the online ad market. Any revamp of TCF means industry-wide overhauls to the way advertising works across the European Union corner of the web.

The truth is no one really knows what this means right now. It’s not even clear if the regulators will be able to enforce their own ruling. One thing is certain though: the big tech platforms will be ok with whatever happens given their outlined terms to users. When someone logs into those platforms they’re also consenting to data being shared unless otherwise specified. Publishers don’t have that luxury. The way to get consent to use someone’s data for advertising was via the TCF more often than not.

“This is an atomic bomb for so many things related to online advertising,” said Rob Webster, chief strategy officer at media consultancy Canton.

Why regulators decided TCF ran afoul of the General Data Protection Regulation:

Fails to ensure personal data are kept secure and confidential;
Fails to properly request consent, and relies on a lawful basis (legitimate interest) that is not permissible because of the severe risk posed by the online advertising tracking;
Fails to provide transparency about what will happen to people’s data;
Fails to implement measures to ensure that data processing if performed in …read more

Source:: Digiday

      

Aaron
Author: Aaron

Categories: International Association of Digital Marketing Professionals

Related Articles