"IAB Europe’s Transparency and Consent Framework (TCF) is the first and only global self-regulatory standard that brings privacy and security to each online user and all those involved in digital advertising.
IAB Europe, in partnership with IAB Tech Lab, announced on August 21, 2019 the launch of the second iteration of Transparency and Consent Framework (TCF 2.0). Organizations leveraging the first version of TCF, along with certified CMPs and vendors, have been rushing to upgrade or make modifications to support TCF 2.0 to meet the upgrade deadline of August 15, 2020.
Now that the deadline has passed, the older version will be deprecated, meaning that with lists of features, purposes, stacks, new structure for the string, and several other changes, none of the updates map to anything in previous versions.
For publishers and advertisers that are scrambling to upgrade to TCF 2.0, or those who are new to it, it’s imperative to understand the background of the framework, its benefits, and why it’s getting attention from the leading ad tech organizations.
IAB TCF 2.0 Overview
The IAB Europe Transparency and Consent Framework (TCF) was developed by IAB Europe, IAB Tech Lab, and participants from industry publishers, advertisers, agencies, and tech providers.
The first version of TCF was created to help companies that serve, measure, and manage digital ads comply with certain obligations of the European General Data Protection Regulation (GDPR) and ePrivacy Directive (ePD) when processing personal data or accessing and/or storing information on a user’s device. It consists of technical specifications and policies that assist all companies in the digital advertising supply chain to meet transparency and user choice requirements.
IAB TCF 2.0 Benefits and Positivity in the Market
After receiving feedback on version 1, TCF 2.0 takes better account of a consumer’s choice, a publisher’s control, and communication with ad tech vendors, while providing enhanced functionalities and flexibility allowing it to adapt to stakeholders’ legal requirements, user experience considerations, and business interests.
Organizations in the ad tech ecosystem may worry that leveraging the framework will interrupt ad tech operations. But in fact, the framework was developed to help, not hurt.
The TCF 2.0 allows publishers to streamline a consent communication approach with ad tech partners. On an advanced level, publishers looking to implement TCF 2.0 can control how each ad tech vendor processes user data, which ultimately helps build trust and transparency.
“TCF v2.0 takes the standard to the next level with respect to consumer transparency and choice, publisher control over data processing for advertising and content personalization, and cross-industry collaboration,” said Townsend Feehan, CEO IAB Europe. “We’ve spent the last year providing support and guidance to CMPs, publishers and vendors, and are confident that we have a robust framework in place that can continue to evolve in light of European Court case law and regulatory enforcement”.
Over 500 vendors have registered to implement TCF 2.0, which shows the confirmed scale and support of this effort highlights the industry’s commitment to work together to enable targeted advertising that complies with regulations. Various CMPs have been certified to support TCF 2.0, including OneTrust, who was ranked by Adzerk as the #1 CMP for IAB TCF 2.0 adoption.
OneTrust has been working alongside IAB Europe as a member of the TCF Steering Committee to shape how TCF 2.0 policies are used in practice. Our ongoing participation has helped ensure the best outcome for organizations in the publisher and advertising space whose operations are driven by ad revenue."Stephanie Hanson, Director of OneTrust PreferenceChoice
IAB Framework Global Expansion
IAB TCF 2.0 is just the beginning. The IAB is working on creating frameworks not only for GDPR compliance, but also for a number of other privacy laws around the world.
In addition to TCF 2.0 for GDPR compliance, the IAB CCPA Compliance Framework was developed by the IAB Privacy and Compliance Unit to help digital publishers and their supply chain partners comply with the California Consumer Privacy Act (CCPA).
The IAB CCPA Compliance Framework creates a contractual relationship between digital properties and the downstream framework participants to enforce limitations on the use of data and mechanisms for accountability when a consumer opts-out of the sale of their information. Components under the IAB CCPA Compliance Framework include the CCPA USP String, Limited Service Provider Agreement (LSPA), and CCPA Data Deletion Spec.
Moreover, the IAB Europe recently teamed up with the IAB Tech Lab, a global non-profit technical standards consortium, to develop the IAB Privacy Lab. The IAB Privacy Lab will work to support national IAB chapters in regions where privacy laws are enacted or are in development. The goal is to help identify local requirements for consumer rights and obligations so they can be incorporated into local level standards and tech frameworks.
Lastly, the IAB Privacy Lab will offer IAB’s support for consultations with regulators and corporations and help with communication between legal and policy experts. The Privacy Lab plans to use the TCF for regions where privacy laws are similar to GDPR.
The IAB is on track to help the privacy and advertising worlds collide.