 |
|||||||||||
|
|||||||||||
 |
| Problems for IAB Europe's TCF Get Bigger, Go Deeper |
 |
| Whenever European residents visit an ad-supported website, they are bombarded with pop-ups asking for confirmation of privacy choices. They have been for years. Do you want to be tracked or have the functional, bare minimum number of cookies operational? It’s managed by IAB Europe’s Transparency and Consent Framework (TCF), and recent research from Adalytics found that although people are saying no to being tracked, well… they’re being tracked anyway. |
 |
| Where to start? Those annoying pop-up boxes have been for nothing if wishes aren’t respected… and who’s keeping tabs to ensure that this is enforced and runs smoothly and accurately? Adalytics looked at data to see how adtech responds to user signals that request basic, or non-tracking-based ads in an effort to see what ad tech vendors do after users opt-out of personalized ads. Evidence "suggests that many adtech vendors continue to track and profile Internet users when they have explicitly said they don’t want tracking-based ads.” For example, “a user with a French IP address visits the news website lemonde.fr and — despite not consenting to any cookies or purposes offered in the consent banner — they see HTTPS request being sent to id5-sync.com, which responds by setting a cookie called id5 for three months, and triggering a 302 HTTP redirect to sync data with rtb-csync.smartadserver.com. This specific HTTPS request that was sent to id5-sync.com contains the previously mentioned TCF string in a query string parameter called gdpr_consent, the researchers report, adding that: “The domain id5-sync.com belongs to ID5, a London-based identity platform for the digital advertising industry.” In addition, Adalytics reviewed large-scale, automated tests via crawler data from 48,698 different publisher domains. The company discovered “tens of thousands” of ad requests erroneously claiming the GDPR does not apply to web users who were actually in the EU.” What’s troubling about some of Adalytics’ findings is that many adtech vendors are not doing their due diligence and checking to make sure that the TCF they are using is doing its job accurately. “Adtech vendors have not taken the time, money and engineering labor hours to properly configure their servers and APIs, Adalytics’ founder Krzysztof Franaszek told TechCrunch, discussing the research. In theory, all TCF participants… should have set up their servers and APIs in a way that checks and validates the TCF strings. If an API receives some user data, to which the TCF string shows the user has not consented, the vendor should immediately discard and avoid doing anything with that data.” IAB Europe responded, placing the onus on the vendors to ensure data is processed right. “TCF is mainly a policy and technical standard that companies can implement in their commercial relationships, but using the TCF does not alleviate any vendor from their responsibility to fully comply with the GDPR. While it is the responsibility of the vendor to make sure they are applying the TCF appropriately, IAB Europe provides support to make sure the TCF is implemented correctly and addresses non-compliance.” It’s all woven and connected to IAB Europe’s violation of GDPR. “The IAB was aware that its tracking system violated GDPR before they launched it and they did so anyway, per a group of complainants coordinated by the Irish Council for Civil Liberties.” |
|
 |
|
||
|
||
| Regrets, Identity Vendors May Have Had a Few | ||
| ID solutions for the open web will be invaluable for publishers revenue growth. And all signs point to the adoption of a portfolio approach among publishers (and marketers too). Nearly 80% of publishers are open to using multiple identity solutions, according to Lotame’s report “Beyond the Cookie: Identity Solution Testing & Adoption Among Marketers and Publishers.” With more than 80 ID partners to choose from, it’s hard out there for a publisher to land on the right mix of cookieless solutions to meet their full funnel needs. Identity vendors certainly didn’t make it easier on anyone with the finger pointing and infighting this year. Everyone claimed their privacy to be the best or the only one that works. In this war of words, no one wins. |
||
|
||
| In reality, all ID partners have to work together to preserve the open web. Interoperability will be the key to achieving that and ensuring consumers get the transparency and control they want. As 2021 draws to a close, let’s resolve to leave the backstabbing in the past and work toward our common goals to make the open web more efficient and effective for everyone. A cookieless future is closer on the horizon and identity solutions will be part of that new world. Peace to digital — peace out, cookies — and goodwill to all, publishers, marketers and identity vendors alike. To learn how publishers are gearing up for 2022 and beyond, get your free copy of “Beyond the Cookie: Identity Solution Adoption & Testing Among Marketers and Publishers” here. |
||
|
||
|
 |
||||
|
||||
 |
||||
|
||||
 |
||||
|
|
|
