This time, we would like to introduce to you a company called Glimpse Protocol. Glimpse Protocol provides a “Privacy-as-a-Service” solution, a technology platform (which is approved by the Information Comissioner’s Office!) to the AdTech community.
This is important because this week the EU made a turnover ruling on the Interactive Advertising Bureau (IAB)’s Transparency and Consent Framework (TCF). But the findings go much further than the TCF. They found out that CMPs do not provide a lawful basis for processing personal information. The headlines:
– Personal data requires a lawful basis for processing.
– There are two realistically available for AdTech: legitimate interest, or informed consent.
– Legitimate interest has been ruled unlawful.
– The EU finds that CMPs do not – and cannot – establish “informed consent”.
That said, AdTech companies cannot sit back and wait for the IAB to update the TCF. The findings in this ruling make it very clear that they have no lawful basis for processing personal data. DPIAs must be updated. Practices must change.
To emphasize this further, the ruling almost certainly means that any data collected historically through the TCF must now be deleted.
You can read more about this in Glimpse’s Protocol blog on the following link.