Consent Management & TCF by IAB
Consent management and data privacy topics are getting loud globally and will not fade down even next year. Starting from 2018 when GDPR was introduced in Europe, continuing this year with the 3rd party cookie alternative searching and expecting a new privacy law in the US. Altogether with privacy comes the need for consents for processing online users’ data. IAB proposes a universal framework that helps manage all users’ consents and verify the transparency of global data providers. Let’s take a closer look at how it works and what consent string contains.
What’s the problem with the management of users’ consents?
It’s not new that the page visitors must agree to share their personal data during their first visit. They do this once, so respective info about their permission is stored on the browser cookie file until the browser’s history is cleared. The cookie file stores the user’s preferences to deliver personalized customer experience every time the user comes in. Without the user’s consent, some websites serve just basic functions, some of them, however, do not serve anything.
Cooperating with publishers, advertisers adjusted the users’ cookie data to show the most relevant and tailored ads to the specific users, and they liked that. As the statistics present now, 46% of customers admit that the best advantage of personalized ads is reducing irrelevant ads, 25% of them like the discovering of new products and 19% admits that shopping became a lot faster and easier.
The problem appears when there is no way to deliver cookie data from the publisher to the advertiser, although the user’s permission had been given. This type of cookie we call 3rd party cookie, and it’s blocked by default in Safari, for example. It will be blocked conditionally in Chrome from February 2020. So, the digital advertising market needs to find something instead - a solution that is equally payable, with transparent technology and privacy requirements being met.
IAB Tech Lab proposed Transparency and Consent Framework 2.0 (TCF) refers to personal data and helps all parties in the digital advertising chain ensure they comply with the latest market standards. It provides transparency to consumers about how, and by whom, their personal data is processed within so-called, consent strings.
Moreover, the TCF enables vendors engaged in programmatic advertising to know ahead of time whether their own and/or their partners’ transparency and consent status allow them to lawfully process personal data for online advertising and related purposes.
Consent string example and definition
Consent string term was introduced by IAB within their first version of TCF after GDPR took effect. The consent string is located on the same browser cookie and identifies important things about vendor which is included in IAB’s Global Vendor List:
- who is the vendor,
- their purpose of data use,
- the acquired consent status
The consent string is passed between exchanges that participate in the advertising process.
How does it work in practice? The publisher has Consent Management Platform (CMP), where all the page visitors’ consents are stored. The publisher cooperates with AdTech companies that have or do not have consent from the users to use their data for advertising purposes. Later, this information is conveyed to DSP, where the ad inventory is bought by the advertiser. And finally, ads served in programmatic model, are displayed only to users who agreed for processing their data for marketing purposes.
What is Consent Management Platform?
Consent Management Platform (CMP) enables the AdTech companies managing of their users’ consents within one ecosystem. CMP generates the content string for each vendor automatically and places there the actual purpose of the users’ personal data use and the respective consent status. Important to mention, the vendors can’t see the purposes of the other vendors who are also on the GVL.
OnAudience is a partner of TCF 2.0
OnAudience is a partner of TCF and supports it since the 1.1 version. We continue to be compliant with IAB’s TCF 2.0 too. Also, we are ready to adapt IAB’s CCPA specs that will come into force on 1 January 2020.
The TCF standards refer to personal data and OnAudience process only anonymous data about internet users. As one of the world’s largest data providers, we support digital industry initiatives that aim to improve data privacy, so we treat joining those projects as the next step to higher transparency and privacy standards and to providing audience data of the highest quality.