TCF 2.0 has been receiving mixed reviews from the media and publishing industry since its launch on August 21, 2019. An overwhelming majority feels that it is a far better version than its initial counterpart. However, some publishers are skeptical about its efficacy. Many are still wondering how it resolves their challenges pertaining to GDPR compliance.
The two events that have played a major role in TCF 2.0’s ripple effect are Google’s declaration of TCF compliance and the warning issued by the Information Commissioner’s Office (ICO) asking ad businesses to comply with the General Data Protection Regulation (GDPR).
In this post, we help publishers in understanding what TCF 2.0 is exactly, the necessity behind a revised version, and how it can help them in GDPR compliance.
What is TCF 2.0?
TCF 2.0 is the second version of the Transparency and Consent Framework. It is a unique solution built for every member of the programmatic advertising chain.
Its purpose lies in standardizing ad business and ensuring all parties in digital advertising (publishers, ad tech vendors, and agencies) comply with the EU’s GDPR.
Reasons for Revamping TCF 1.0
A majority of publishers did not like the first version of TCF. They felt that it was heavily biased in favor of ad tech vendors. It provided an undue advantage to ad tech vendors as it had several loopholes that could be easily exploited by them.
However, it would be unfair to accuse the makers of deliberate discrimination. TCF 1.0 was the first framework of its kind, hence the primary focus was on ad tech vendors. TCF 2.0 tries to reduce disparity by taking into account the concerns of consumers and publishers. It aims to provide choice and transparency to consumers and also provides greater control to publishers.
The Good, Bad, and Ugly of TCF 2.0
TCF 2.0 is an improved version of TCF 1.0 as it greatly expands publishers’ bidstream options for collecting and assigning consent. In other words, it has been revamped to accommodate the needs of publishers.
Under TCF 2.0, consumers have the freedom to grant or withhold consent and also are free to object to data being processed. Users will benefit from the revised definitions of Purposes, Special Purposes, Features, and Special Features.
The new framework also contains comprehensive guidelines for vendors. These guidelines would prove useful to vendors when deciding on a particular action.
The new functionality allows publishers to restrict the purposes for which personal data is processed by vendors on a publisher’s website on a per-vendor basis. It also enables publishers to have greater control and flexibility to integrate and collaborate with their technology partners.
The bad part of TCF 2.0 is that these are just guidelines that companies are asked to adhere to. Compliance is voluntary and not mandatory. The ugly part of the TCF 2.0 is that there is no way these guidelines can be enforced upon businesses today or tomorrow. The number of players in the chain is huge, and this makes it impossible to track data leakage at any point.
The onus is now on publishers
As the framework has been rolled out, it is now up to publishers to prepare for it. Here are some of the actions that you as a publisher need to take to ensure compliance:
Make Yourself Familiar with TCF 2.0
The first and foremost step that you can take is to make yourself familiar with TCF 2.0. You can watch videos, read material that is available over the internet, and contact IAB for any queries.
Pick the Right Consent Management Platform
You should start exploring your options regarding the consent management platform. Even if you are already using a CMP, it is recommended that you work on its integration with the upgraded framework as TCF 2.0 is not backward compatible with TCF 1.0. In case you work with an unregistered CMP, it will no longer be valid in TCF 2.0, even if it technologically supports the new signal.
Collaborate with Your Vendors
You need to collaborate with your vendor and plan the implementation of 2.0. Even though vendors are required to support both TCF 1.0 and TCF 2.0, you need to choose one or the other. It is better you shift to TCF 2.0 as soon as possible.
Decide on Collecting Consent
It is optional to collect consent for storing and accessing the information on a device using jurisdiction-specific settings. However, it is optional only for those publishers that are based in those countries that have not strictly implemented the e-Privacy Directive. Some of the vendors may not prefer to work with you if you choose not to collect consent for storing and accessing information.
Is TCF 2.0 Final?
No, TCF 2.0 is not the final version because the journey from the initial basic version to the final eloquent version will be a timetaking and complicated process. The progress is evolutionary in nature. Many are questioning the purpose of TCF 2.0 as it still has a few drawbacks.
With all its limitations, we would say that TCF 2.0 is a significant step in the right direction. It is only through such steps, TCF would become more robust and effective in due course of time. Consultations with publishers, vendors, advertisers, media agencies, and data protection authorities are necessary to ensure the framework is further improved.