Last chance to secure the best rate on passes is Monday, Jan. 13 | March 24-26 in Vail, CO
In an attempt to get the entire digital advertising industry to comply with the General Data Protection Regulation, the Interactive Advertising Bureau Europe has released a new framework aimed at standardizing the process of gaining consent to collect and use consumer data.
In a nutshell, participating publishers would get to select which ad tech vendors they wish to continue working with for programmatic trading from a centralized list of global vendors that have applied — and paid a nominal fee — to appear on the list. Once publishers have chosen vendors from the list, they must then get consent from the consumer on those vendors’ behalf.
The framework’s purpose
Getting consumers to consent to their data being used under the GDPR will be a challenge for everyone, but it will be far harder for companies that don’t have a direct relationship with them — and therefore aren’t brands that consumers recognize — such as ad tech intermediaries and agency trading desks.
Publishers, on the other hand, are in a strong position to ask consumers for consent. The IAB Europe hopes with this framework that if publishers help gain consent on behalf of third-party vendors, programmatic revenues won’t be choked, as suppliers will be able to continue trading on their supply.
The theory is that a unified approach means users can give consent to multiple vendors at the same time, which would drastically simplify the process. It would also help some ad tech vendors keep their businesses afloat.
A love-hate situation
The industry has had a mixed response to the framework. While the benefits are clear for the some 5,000 ad tech vendors in the Lumascape, which will struggle to gain explicit consent, the benefits for publishers are less obvious. Some believe the framework requires publishers once again to assume the legal risk in order to maintain ad tech’s status quo, while potentially annoying or overwhelming their users with messages asking for consent for dozens of ad tech partners.
For now, vendors aren’t strictly vetted for the list, although they must be a member of a trade body or organization to be on it. In the future, should the industry request it, the IAB Europe can help set up a certification process to validate that each vendor is as GDPR-compliant as it claims, according to Matthias Matthiesen, IAB Europe’s senior manager of privacy and public policy. Matthiesen stressed that participating vendors will also need to demonstrate their own GDPR compliance and privacy policies; they can’t just sit back and allow publishers to take responsibility for that.
But publishers can choose the vendors for which they want to gain consent and if they wish, ignore the rest. “Just as non-authorized resellers fell away with the introduction of ads.txt, vendors who have to this point maintained a parasitic existence, syncing users through non-direct relationships and in the absence of any value exchange, are suddenly looking very exposed,” said a publisher executive. “We saw with ads.txt when suspect vendors tried to get themselves erroneously listed in publishers’ ads.txt files — you can expect to see those under threat to try and persuade the publisher to legitimize their existence via consent, which you can safely assume few publishers are going to allow to happen.”
The idea is that the framework provides the transparency required under the GDPR and creates an audit trail, so everyone can keep abreast of all parties’ compliance status. If the law is violated, there is essentially visibility of who is at fault, added Matthiesen.
The framework needs publisher buy-in
Ultimately, the framework needs publishers to get on board for it to work. So far, publisher response has been lukewarm.
“The current proposal is aimed at maintaining the status quo of an ecosystem which is not sustainable as it is today due to its unbalanced nature,” said Alessandro De Zanche, publisher consultant and former News UK executive. “GDPR is an opportunity for publishers to regain control of the relationship with their user, and through that, [be] given consent for the use of data. This would make publishers much stronger versus the rest of the ecosystem.”
The proposed framework is open for the industry’s feedback, and a final version will be released in mid-April. Until then, the IAB Europe plans to get feedback on it from publishers across Europe.
For some, however, full publisher cooperation on the framework is a long shot. “I don’t see publishers embracing it without significant changes,” said Jason Kint, CEO of publisher trade body Digital Content Next. “It’s designed to attempt to protect the broad interests of the many IAB ad tech companies who designed it.”
The GDPR will have long-lasting effects on how all companies collect and use data. Download Digiday’s primer on all you need to know.
More in Media
AI in 2025: Five trends for marketing, media, enterprise and e-commerce
After another year of rapid AI development and experimentation, tech and marketing experts think 2025 could help move adoption beyond the testing phase.
Media Briefing: What media execs are prioritizing in 2025
This week’s Media Briefing hones in on the business areas that publishing execs say they will prioritize this year – and what they are leaving behind in 2024.
How publishers are strategizing for a second Trump administration: softer news and more social media
When Donald Trump becomes president later this month, some news publishers will have updated tactics and strategies in place to cover a second Trump administration, ranging from a focus on softer news stories to more social media monitoring and engagement.