‘It’s all incredibly confusing’: Publishers complain GDPR consent signals are ignored by ad buyers

Some publishers believe the problem is due to some DSP partners not being equipped to recognize opt-in users. Digital sports publisher Givemesport lost a five-figure sum in the last month because one of its video DSP partners wasn’t properly detecting the consent signals. That meant one of its agency partners was only seeing an eighth of the publisher’s inventory, according to Ryan Skeggs, gm for Givemesport.

The DSP in question had been giving the publisher the run-around in its responses, which meant it took a while to figure out what the issue was.

“The agency thought that’s all we were sending them,” said Skeggs. “DSP tech is obviously not up to scratch if it’s only registering an eighth of our ad requests to our agencies. That is a terrible scenario to be in for the agency and the publisher. We both lose out as we can’t sell inventory and the agency can’t buy enough decent inventory.”

According to publishers, some DSPs are not recognizing consent, some are, while others are only accepting placements if consent has been given, and the rest are somewhere in the middle, according to publisher sources.

“Nobody seems to have any idea what anyone is doing. It’s all incredibly confusing,” said a publishing executive. “It’s like [kids’ games] Stuck in the Mud, Leapfrog, Kiss Chase and British Bulldog all being played together at the same time on the same playground. Only nobody is really sure which game they signed up for.”

The bottlenecks partly stem from the fact companies are not all compliant within the same consent frameworks, according to ad tech vendor executives. The Interactive Advertising Bureau’s methodology is not accepted by all DSPs yet, and neither is Google’s — so DSPs are not reading consent signals in a standardized way, they say. Google is yet to integrate with the IAB Europe Transparency and Consent framework, which it has promised to do by the end of August.

The fact that there are different frameworks and so no single standardized way of reading consent signals yet has led some vendors to create hacks to try and get the best response rates, according to ad tech execs.

That means people are amending consent signals that come from different frameworks so that they can transfer across to other players in a digital ad supply chain, regardless of what framework’s consent signals they use. But in doing so, they’re potentially causing errors in the technology, which could be causing the blockages around the publishers’ opt-in inventory being passed back to buyers, according to sources. “Wherever there is a hack, there is typically a problem,” said an ad tech executive who spoke on condition of anonymity.

“Some exchanges are converting Google’s consent signals into IAB signals, and when you have all these different methodologies and companies trying to change the consent signal in real time, and there are billions of these happening at once — that can break a process and could affect a DSP’s ability to read it [the consent signal,]” said the same executive.

However, it isn’t all down to the DSPs — publishers may also be causing errors having overlooked technical updates needed for their CMPs to ensure they are sending the correct consent signals, according to sources.

Another theory for why DSPs aren’t always reading the consent signals could be the rise of header bidding, where many DSPs are seeing five times the amount of traffic they had before the programmatic ad buying method was introduced. To combat the additional strain that responding to this volume of ad calls would have on the DSP’s tech, plus the additional costs it would incur, many are simply filtering out a portion of inventory and ignoring the ad calls.

Other publishing executives have said that the DSPs are simply not ready for GDPR and so are ignoring consent signals from the IAB until they can fully understand it. Until they do, it means publishers that have already weathered the gauntlet of encouraging opt-in user consent, may not be able to leverage that to its full capacity.

“It would be good to see SSPs, DSPs and other partners being fully approved by the IAB and not just being on a vendor list. We need to know that they can use the consent properly and pass it on correctly,” said a publishing executive.

The IAB Europe has stated that certification of technical and policy compliance is on its road map.