Complete Story


Compliance Considerations:

How you should react when big decisions affect a key regulation

Since being put into effect nearly four years ago, the General Data Protection Regulation has dominated discussions of privacy policy in many organizations.

But given that guidance on enacting GDPR in the European Union was somewhat vague, regulatory parsing of the framework will continue to affect future GDPR implementations. A recent regulatory decision out of Belgium may be the most prominent interpretation thus far.

Earlier this month, Belgium’s data protection authority ruled [PDF] that IAB Europe’s Transparency and Consent Framework (TCF)—an approach to managing consumer data by advertisers that rely on the industry’s OpenRTB, or real-time bidding, ecosystem—failed to comply with a number of GDPR provisions. The decision will probably cause major changes in how websites with advertising manage consumer data. (IAB Europe, which faces a €250,000 fine and a 60-day mandate to update its data-collection practices, is appealing the decision.)

Please select this link to read the complete article from Associations Now.

Printer-Friendly Version