The guardrails the ad industry erected to maintain its compliance with Europe’s wide-ranging data protection law aren’t able to actually do so, according to data protection watchdogs — led by the Belgium Data Protection Authority. The consequences of this ruling could throw a significant wrench in how data is collected — and who is responsible for fixing the issue.
Furthermore, those guardrails, known as the “Transparency & Consent Framework” (TCF), were found by the watchdogs to be unlawful.
Simply put, the popups asking people for consent whenever they land on a site are illegal.
That means all data collected via those popups from more than 1,000 companies including Google and Amazon must be deleted as a result. Nixing it all presents massive logistical and technical challenges, like how to verify the data and whether the data is actually deleted.
Needless to say, advertisers, publishers and everything in between will need to assess their reliance on the framework immediately. Being as many of those businesses paid IAB Europe for this utility, it could put the trade group in an awkward position.
So it will be interesting to see if — and to what extent — they try to indemnify the trade body for costs involved and damages incurred, said Ruben Schreurs, group chief product officer at Ebiquity.
The ramifications of this ruling are monumental.
Take retargeting, for example. Large swathes of it could be illegal if…
