With the public consultation on the first iteration of the Transparency & Consent Framework (the Framework) that closed on April 8, 2018, we are continuing to receive good, actionable feedback from publishers. A recurrent theme is whether and how the Framework can assist publishers to assert greater control over the delivery of advertising to their sites, and especially of valuable first-party data. Without getting ahead of ourselves, it seems at least possible that the Framework will provide an opportunity for publishers and ad tech to address a source of tension that has dogged their commercial relationship for over a decade, and reach a more durable modus vivendi.
With the GDPR coming into effect on 25 May 2018, and the current ePrivacy Directive still in force, the regulatory framework alone is already improving publishers’ ability to control which third parties are active on their sites. The ePrivacy Directive makes consent the primary legal basis for interactions with consumer devices in nearly all EU markets, and the publisher has privileged direct access to the user to obtain that consent. Consumer information obligations in the GDPR mean that even where the legitimate interest legal basis is used, third parties will rely on publishers to make the necessary disclosures to enable those third parties to process data. No disclosure, no legal basis. Publishers and other first parties are the gate-keepers on whom third-party vendors will be completely dependent.
Reinforcing the pivotal position of the publisher
The Framework reflects, and will further reinforce, the pivotal position of the publisher. Publishers will decide what choices are presented to their users – which third parties, processing data for what purpose. A publisher can ensure that only trusted partners are surfaced, and only for purposes that align to publisher objectives
Where user consent must be obtained, publishers will determine whether users are offered the option of granting global or only service-specific consent to a given vendor to process data for a given purpose. Publishers also have complete freedom to determine all other aspects of the user interface. Some publishers will want to build their own consent management platforms. Some will want to hire in a third-party Consent Management Provider. In either case, the look and feel will be adapted to the requirements and preferences of the publisher.
Publishers are free to unilaterally present additional different purposes in the same UI. However, only the standardised set of purposes can be transmitted through the Framework. As a result, any non-standardised purposes would need to be leveraged and/or transmitted through a means other than the Framework. This flexibility enables publishers, within the same UI, to provide transparency into, and request consent for, purposes in addition to the standardised ones – for example, for their own use, or to work with vendors outside of the online advertising ecosystem.
We’ll have a final wrap on feedback from other key stakeholders next week, as we move toward deployment in mid-April and the opening of the global vendor and CMP registration process.