In response to feedback from the market, as well as evolving case law and guidelines from various national data protection authorities, the IAB has implemented the TCF v2.2. The new framework aims to improve the standardization of information presented to users, and give them more control over how their personal data is processed.<\/p>\n\n\n\n
The TCF v2.2 includes some measures related to the action plan that the IAB submitted to the Belgian DPA.<\/p>\n\n\n\n
What is new in IAB Transparency and Consent Framework v2.2 (TCF v2.2)?<\/h2>\n\n\n\n
The Transparency and Consent Framework (TCF) v2.2 is a significant update to the previous version, with policy changes aimed to increase transparency and provide users with more control over their consent choices.<\/p>\n\n\n\n
Removal of legitimate interest<\/h3>\n\n\n\n
TCF v2.2 no longer allows legitimate interest as a legal basis for data processing operations related to advertising and content personalization. Vendors can now only select explicit consent as an acceptable legal basis for these purposes.<\/p>\n\n\n\n
Improved user interface (UI)<\/h3>\n\n\n\n
The information required in consent management platforms\u2019 (CMP) UI has been improved to include user-friendly standard texts, new features of processing, and real use case illustrations to make it easier for users to understand what they\u2019re consenting to and what their options are.<\/p>\n\n\n\n
Easier consent withdrawal<\/h3>\n\n\n\n
Users can now change their minds about sharing their data with vendors, and they must be able to re-access the CMP UI to change or withdraw consent at any time. The process to withdraw consent must be as easy as the process to give it. The practical implications of this are that the CMP UI must be easily accessible to users and not buried on the website or app where users must hunt to find it.<\/p>\n\n\n\n
More vendor transparency<\/h3>\n\n\n\n
Detailed disclosures about vendors regarding data categories and retention periods, are standardized under TCF v2.2 and must be provided to users in the secondary layer(s) of CMP UIs.<\/p>\n\n\n\n
Enhanced compliance programs<\/h3>\n\n\n\n
New auditing mechanisms and differentiated enforcement procedures will be implemented, including proactive auditing of a larger number of randomly selected CMPs and vendors each month.<\/p>\n\n\n\n
Read more about the new IAB TCF v2.2 here.<\/strong><\/a> For more information about the technical modifications in IAB TCF v2.2, visit the IAB Tech Lab website.<\/strong><\/a><\/p>\n\n\n\n In doubt about whether your website is GDPR-compliant? Test it with the free Cookiebot CMP compliance test<\/a>.<\/p>\n\n\n CMPs must implement the new policies and specifications of the TCF v2.2 by November 20, 2023. Cookiebot CMP\u2019s IAB integration supports the new IAB framework (TCF v2.2).<\/p>\n\n\n\n Cookiebot CMP integration with the IAB Transparency and Consent Framework v2.2 continues to be an optional supplement to the core consent framework in the Cookiebot CMP solution.<\/p>\n\n\n\n Cookiebot CMP\u00a0integration consists of an extra panel in the consent banner of websites registered with the IAB, as pictured above.<\/p>\n\n\n\n The panel is called \"Ad Settings\", and from there, end-users can choose between IAB Purposes and Vendors before submitting their consent.<\/p>\n\n\n\n We recommend using the IAB framework integration as a supplement and not a replacement for the regular\u00a0Cookiebot CMP\u00a0solution.<\/p>\n\n\n\n This, because IAB\u2019s consent model works through signaling the user\u2019s consent to advertising vendors, whereas\u00a0Cookiebot CMP\u00a0consent model works through blocking non-consented vendors.<\/p>\n\n\n\n This is a key difference because, according to the GDPR, it is the publisher (i.e. you, the website owner) who is liable for all tracking and personal data collection taking place on their domain \u2013 also by third parties.<\/p>\n\n\n\n Cookiebot CMP\u00a0eliminates the dependency on the good faith of the vendors and gives true control to the website owner. By using\u00a0Cookiebot CMP\u00a0as an integration in the IAB framework (TCF v2.2), you ensure true GDPR compliance for yourself.<\/p>\n\n\n\n To ensure that user consents are being honored by advertising vendors, the\u00a0Cookiebot CMP\u00a0patented scanning technology monitors all cookies and similar trackers used by vendors on the website and marks them as non-consensual in the scan report.<\/p>\n\n\n\n Read our technical support article here<\/a>, if you want to know more about implementation and technical details about the IAB framework (TCF v2.2) and\u00a0Cookiebot CMP.<\/p>\n\n\n\n Cookiebot CMP also supports<\/strong> the IAB CCPA Compliance Framework<\/strong>. Read more here<\/a>.<\/p>\n\n\n Cookiebot CMP\u00a0is one of the few fully compliant consent management platforms on the market.<\/p>\n\n\n\n Cookiebot CMP\u00a0unmatched scanning technology finds all cookies and trackers and then takes automatic control until users have given their consent, enabling true compliance with the EU\u2019s General Data Protection Regulation and ePrivacy Directive.<\/p>\n\n\n\n Cookiebot CMP\u00a0performs monthly deep-scans of your domain to make sure that you always know what third-party trackers and trojan horses are loading on your website.<\/p>\n\n\n\n Take a look at the alarming facts about website tracking here.<\/a><\/p>\n\n\n\n Cookiebot CMP\u00a0then presents a true choice of consent to your users through our consent banner.<\/p>\n\n\n\n Your scan report can be published as a cookie declaration on your website, e.g. as an integrated part of your website\u2019s privacy policy or cookie policy.<\/p>\n\n\n\n Consent must be renewed annually. However, some national data protection guidelines recommend more frequent renewal, e.g. 6 months. Check your local data protection guidelines for compliance.<\/p>\n\n\n IAB Europe<\/a>, (Interactive Advertising Bureau), is a business organization for online advertisers and marketers, that develops and governs industry standards and best practices, conducts research, and provides legal support.<\/p>\n\n\n\n In preparation for the enforcement of the EU law on data protection and privacy, the General Data Protection Regulation<\/a> (GDPR) in May 2018, the IAB Tech Lab developed a Framework in collaboration with IAB Europe.<\/p>\n\n\n\n The Framework is called the IAB Europe Transparency & Consent Framework<\/a>.<\/p>\n\n\n\n The IAB Framework establishes a common ground of cooperation between publishers, advertisers, and consent management providers that can help smoothen the process of meeting the requirements of the GDPR.<\/p>\n\n\n\n The Framework especially works as a standardized means for communicating the state of user consent between first parties such as publishers, third parties such as advertisers, and the consent management system in use on the first party\u2019s website.<\/p>\n\n\n\n The General Data Protection Regulation (GDPR)<\/a> sets out strict requirements for how one may record, store, use and share personal data.<\/p>\n\n\n\n In order for your consent management to comply, it has to be...<\/p>\n\n\n\n Furthermore,<\/p>\n\n\n\n With the GDPR, businesses, organizations and websites may only handle their users\u2019 data if they have their specific consent to it, or if the purpose falls under one of the other categories in the six lawful reasons for processing data<\/a>.<\/p>\n\n\n\n The GDPR is extremely wide-ranging both geographically, in scope, and in severity.<\/p>\n\n\n\n\n Try Cookiebot CMP free for 14 days<\/a>... or forever if you have a small website. <\/h2>\n <\/div>\n <\/div>\n <\/div>\n<\/div>\n\n\n\n
Cookiebot CMP and the new IAB Framework (TCF v2.2)<\/h2>\n\n\n\n
![\"Screenshot](\"\/media\/4338\/iab_adsettings_en.png?width=177.85234899328862&\")
\n Try Cookiebot CMP free for 14 days<\/a>... or forever if you have a small website. <\/h2>\n <\/div>\n <\/div>\n <\/div>\n<\/div>\n\n\n\n
The unmatched scanning technology of Cookiebot CMP<\/h3>\n\n\n\n
![\"Cookieboot](\"\/media\/4333\/consent_en.png?width=500&\")
\n Using\u00a0Cookiebot CMP\u00a0is free if you have under 50 subpages (unique URLs). <\/h2>\n <\/div>\n
What is the IAB Framework and how does it meet GDPR requirements?<\/h2>\n\n\n\n
What are the GDPR requirements and<\/strong> what do they mean for advertisers?<\/h3>\n\n\n\n
Requirements for compliant consent in the GDPR<\/h3>\n\n\n\n
\n
\n
![\"Pepco\"](\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2023\/11\/pepco_group_logo_340px_01-1.svg?v=1548f22bcec1f087\"\n){kind=logo}
\n <\/div>\n ![\"rural-king\"](\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2023\/11\/rural-king.svg?v=c61b94b055f7f6f1\"\n)
\n <\/div>\n ![\"orbico\"](\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2023\/11\/orbico.svg?v=0c403b5e138f2d8e\"\n)
\n <\/div>\n ![\"credit-exchange\"](\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2023\/11\/credit-exchange.svg?v=6bb93c10d76574f5\"\n)
\n <\/div>\n ![\"canon\"](\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2023\/11\/canon.svg?v=d58e7999bf5b46cc\"\n)
\n <\/div>\n ![\"bauhaus\"](\"https:\/\/www.cookiebot.com\/us\/wp-content\/uploads\/sites\/8\/2023\/11\/bauhaus.svg?v=695ed7c488c3a310\"\n)
\n <\/div>\n <\/div>\n <\/div>\n","protected":false},"excerpt":{"rendered":"