It’s been two years since the General Data Protection Regulation (GDPR) went into effect in Europe and over the course of these two years the publishing and adtech industries have taken the time to adopt, adapt, and apply the principles of GDPR to their business.
A quick refresher: GDPR is a data protection regulation which gives consumers in the EU/EEA the right to say yes to the online collection of their personal data. In addition to a number of other rights, consumers have the right to know what data an online entity has collected on them and to have their data deleted. However, for all business owners with an online presence, understanding the privacy requirements and knowing how to apply them are two very different matters.
This is where the IAB comes in. Back in 2018, the Interactive Advertising Bureau (IAB) introduced the Consent Management Platform (CMP) which is a mechanism to:
- Inform users about the data being collected on them and the purposes for this data collection
- Provide users with an option to opt-in (consent) or opt-out of data collection
- Help other publishers and ad tech companies understand whether the user had given consent (opted in) to the collection of their personal data
There are many CMPs in the market; ShareThis’s GDPR Compliance Tool being one of them. As publishers globally have embraced the use of CMPs, they’ve provided the IAB with feedback, which has been incorporated into version two of the IAB TCF. These updates include:
- Greater control over selections for the publisher
- More granular purposes
- Integration of legitimate interests in the framework
- Heightened CMP certification standards
Don’t have a CMP for your website? We strongly encourage you to get a CMP to help you comply with GDPR and avoid potential fines. With our CMP, you’ll be able to set your CMP to display only to visitors in Europe, regardless of where your domain is based.
This post is not intended as legal advice on your company’s GDPR compliance.