November 28, 2023
In the ever-shifting landscape of digital advertising, staying ahead of the curve is not just an advantage—it’s a necessity.
A key area to watch is the evolution of the IAB privacy signal frameworks. The Transparency and Consent Framework (TCF) and Global Privacy Platform (GPP) establish a standardized approach to obtaining user consent for data processing activities in digital advertising, and they are updated periodically to keep pace with new regulations and regulatory interpretations.
Boltive, a trailblazer in automated testing and monitoring services, offers full support for both the newest version of the TCF (v2.2), as well as the full suite of GPP strings.
Technical complexity of these frameworks is very high, and the importance of verifying that implementations and updates are done correctly cannot be overstated, because these frameworks support both compliance and revenue generation.
Mistakes with these signals – either your own, or your ad tech partners’ - are easy to make, and can cause liabilities as well as lost revenue. Boltive can help you ensure that your and your partners’ code updates are working correctly, to both protect your business and drive revenue growth.
The TCF Europe facilitates communication and compliance for ad transactions occurring in traffic within the European Economic Area. The first version of the TCF launched in 2017, and it has evolved alongside developments in regulatory interpretations of GDPR, culminating in the release of the latest version, v2.2, which officially replaced the previous version on November 20, 2023.
Key aspects of v2.2 include updates to allowable GDPR legal bases for certain purposes, improvements to how information is disclosed to consumers, and new requirements for making it easier for consumers to withdraw consent.
The GPP is intended to make it simpler for companies to handle the patchwork of regulatory regimes across national (including Canada) and US states’ borders. Companies using the original IAB California signal, US Privacy, should be aware that it will officially be deprecated on January 31, 2024, in favor of the California string available within the GPP framework.
A critical difference between US Privacy and GPP’s US states’ strings is the number and type of data processing activities for which consent can be communicated via the string. This change allows publishers to give more detail to the ad ecosystem about what types of disclosures were offered to the consumer, and what consent choices that consumer made across a range of specific kinds of data, including sensitive personal information. This is important because some kinds of data are handled differently than others under each state law, and even the definition of “sensitive” can vary state to state.
Another key difference in GPP is the encoding of the string itself. Unlike US Privacy, which was a simple, unencoded 4-digit string that was simple to spot check by visually verifying the values in the bidstream for a given ad request, GPP strings are long and encoded. This makes it more challenging to verify the validity of the string on the fly, making automated monitoring with a tool like Privacy Guard, which can do the heavy lifting for you, that much more important.
The digital landscape moves quickly, and companies relying on outdated or malfunctioning frameworks face more than just potential regulatory fines. The risks also extend to reputational damage and revenue loss. It’s not just a matter of adopting new standards; it’s about executing these complex changes correctly.
Enter Privacy Guard—a steward guiding companies through these critical updates. Our automated testing and monitoring services ensure your and your partners’ transitions to TCF v2.2 and GPP are seamless. We understand that the risks associated with code updates are high. That’s why our services help you confirm that the new signals function end-to-end as expected, providing a safety net for your business.
As the digital advertising industry leaps forward, compliance becomes the cornerstone of sustainable growth. Boltive invites you to embrace these changes confidently. With Privacy Guard by your side, not only can you navigate the complexities of TCF v2.2 and GPP, but you can also ensure that your business thrives in this dynamic landscape.
If you would like to learn more about how Boltive can support your TCF & GPP updates, including a free assessment, sign up for a demo.