The General Data Protection Regulation (GDPR), changed the data privacy landscape in Europe. GDPR was designed to harmonize data privacy laws across Europe, giving individuals greater control and transparency over their personal data.
On February 2017, in anticipation of the entry into force of the GDPR, IAB Europe launched a collaborative effort by organizing dedicated working groups, supported by the IAB Europe staff, to deliver, maintain and iterate an industry standard, the TCF, in an attempt to meet the needs of users, industry and regulators.
History of TCF
- On 25 April 2018, TCF v1.1 was launched after an extensive industry consultation with IAB Europe and IAB Tech Lab members, and the broader digital advertising industry.
- On 21 August 2019, TCF v2.0 was launched following extensive industry consultation particularly with publishers and the industry associations who represent all aspects of the industry.
- On 19 August 2020, TCF v2.1 was launched to bring the TCF in-line with Planet49 ruling issued by the Court of Justice of the European Union and standardise the disclosure of the duration of operation of cookies.
- On 16 May 2023, TCF v2.2 was launched to respond to the changes and needs of the industry, and introduce a number of iterations that relates to the Action Plan submitted to and validated by the Belgian Data Protection Authority (APD)
TCF participants have until 20 November 2023 to adopt TCF v2.2 and make the necessary changes to their respective implementations.
What is the Transparency & Consent Framework (TCF)?
The TCF is an accountability tool that relies on standardization to facilitate compliance with certain provisions of the ePrivacy Directive and the GDPR. It applies principles and requirements derived from these two legislative instruments to the specific context of the online industry.
The TCF is a voluntary standard intended for use by three categories of stakeholders:
- Publishers: owners or operators of online content or services where personal data is collected and used by third-party companies (vendors) for digital advertising, audience measurement, or content personalisation.
- Vendors: third-party companies that do not ordinarily have direct access to end-users of publishers. Vendors can be Ad servers, measurement providers, advertising agencies, DSPs, SSPs, and more.
- CMPs (Consent Management Platforms): software or solution providers that develop notices (e.g. cookie banners) to inform users and capture their preferences with respect to the processing of their personal data.
TCF Key Components
The TCF is a combination of key resources:
- TCF Policies
- TCF Terms & Conditions
- TCF Implementation Guidelines
- Transparency and Consent (TC) String with Global Vendor List Format
- The Consent Management Platform API
- Vendor Device Storage & Operational Disclosures
- Additional Vendor Information List Specification
- Global Vendor List (GVL)
- CMP list
If you have any more questions or need further assistance, please feel free to ask us here.