Google announced it joined IAB Europe’s Transparency & Consent Framework (TCF) v2.0 on August 15th 2020, thus integrating its ads systems with this standard for data privacy. In this blog post, we will discover the consequences of this integration, and in particular what changes it implies for publishers.
- What is IAB’s TCF v2.0
- Google joins IAB’s TCF v2.0. What does it mean?
- What changes for publishers
- How Google’s 90-day grace period works
- The right support
What is IAB’s TCF v2.0
Following the implementation of GDPR (a set of rules that harmonize and strengthen data protection for individuals across Europe) in 2018, IAB Europe developed the “Transparency and Consent Framework”, a standard to easily collect consent from users and share it with the rest of the supply chain. By applying this framework, publishers can inform their users of what data is being collected, what vendors are going to use it and why. For each of these items, users can give or deny consent, and their choice can then be shared with other players in the advertising market. Since August 15th 2020, there’s a new version of the framework, called TCF v2.0: among its main updates, there’s the possibility for consumers to authorize or deny consent, as well as to exercise the “right to object” for their data to be processed.
You can find more information on what the Transparency and Consent Framework v2.0 is and why it is important for GDPR in this dedicated blog post.
Google joins IAB’s TCF v2.0. What does it mean?
After participating in the TCF v2.0 Working Group with IAB Europe, Google decided to adopt the new framework. Hence it started a process to integrate its ads systems with IAB’s standard. What does this mean? As Google itself explains: “We will begin reading and passing the TC string for all ad requests”, checking if the string is compliant with the TCF v2.0 standards.
What changes for publishers
This integration applies to the ad spaces of every publisher that uses Google for monetizing their websites and apps. Hence it requires some measurements to be taken to make sure that the strings are, in fact, compliant with the framework. It is important that publishers verify the way they currently gather consent for data usage.
To help publishers in this verification process, from August 15th 2020, Google offers them a so-called “grace period” of 90 days. During this time, publishers can check that their implementation of the TCF v2.0 is working properly, and, if necessary, address any unresolved issues.
How Google’s 90-day grace period works
Here is how Google’s 90-day grace period works. First of all, Google notifies publishers about possible errors in the TC string associated with their website or app, by sending a report of the errors detected over the last 7 days. Then, publishers will have a 90-day grace period for solving these errors and misconfigurations. The grace period will differ depending on the type of error detected.
There are 5 different kinds of grace periods:
- Grace period 0: it occurs when publishers have misconfigured their CMPs and failed to send a valid TC string;
- Grace period 1: when there are significant flaws in the TC string;
- Grace period 2: when publishers integrated with the TCF v2.0 before Google had been included on the IAB global vendor list. In this case, Google requires publishers to reobtain consent.
- Grace period 3: when TC strings includes global scope and out-of-band scope;
- Grace period 4: when a user has opted into Special Feature 2 or the publisher works with vendors who are registered for Special Feature 2.
For each one of these issues, Google requires specific actions. Check our knowledge base article for more information on the possible errors and how to resolve them.
The right support
It is critical for publishers to have the right support for navigating this transition, with solutions that allow them to be fully compliant with GDPR in an easy and flexible way. Clickio is one of the first partners to offer a consent management solution, Clickio Consent Tool, that can set consent workflows quickly and easily, and that is fully compliant with IAB’s standard. Clickio is officially registered as an IAB Consent Management Provider, and it is among the first CMPs to pass all the conformity checks for the Transparency and Consent Framework (TCF) v2.0.