Skip to Main Content
Main Menu
Articles

Compliance in Focus: Exploring the Latest IAB TCF v2.2 & Google CMP Requirements

New Requirements for Businesses Using Google Ads in Europe

Recently, Google announced new Consent Management Platform (CMP) requirements for businesses using Google Ad Manager to serve ads in the European Economic Area (EEA) and the UK. These requirements apply to all publishers using:

  • Google AdSense,
  • Ad Manager, or
  • AdMob.

Using a Google certified CMP that integrates with the Internet Advertising Bureau (IAB) Transparency and Consent Framework (TCF) when serving ads to users in the EEA and UK will become a requirement.

If you are a publisher serving Ads in the EE and UK and you use Google AdSense, Ad Manager, or Admob, Google will require you to use a CMP that is certified with Google (such as TrustArc) and have integrated with IAB TCF by January 16, 2024, otherwise, only limited ads will be eligible to serve on EEA or UK traffic.

Google explains, “The decision to require our publishers to adopt the IAB TCF follows on from IAB Europe’s announcement that TCF V2.2 has been finalized, which further supports consistency in the online advertising consent experience. This decision is also a continuation of our 2020 commitment to support industry efforts aimed at managing user transparency and consent through a standardized framework.”

As a result, Google has made available a list of certified CMP that meet their specifications. To become a certified CMP, vendors are assessed by Google against their rigorous certification criteria based on TCF compliance. The IAB Europe also provides a list of CMPs that have passed the compliance checks required by its Programme.

What is the IAB TCF v2.2?

The IAB TCF works as a system for communicating the state of user consent between first parties (publishers) and third parties (advertisers) using the Consent Management Platform in use on a website.

TCF is a set of technical specifications and policies that help publishers and advertisers comply with the ePrivacy Directive and the General Data Protection Regulation (GDPR) in the EU.

Support for the TCF framework is available to clients that are publishers in the EU. IAB TCF v2.2 is an updated version of this framework released in 2023, reflecting the IAB’s commitment to continuous improvement.

Improvements to the latest version are as follows:

  • Removal of ‘legitimate interest’ as a legal basis for some Purposes
  • Additional Purpose 11 to enhance the user’s content experience
  • More descriptive names and explanations of Purposes and Features to aid users’ understanding
  • Standardization of additional information about vendors to improve transparency
  • Specific requirements to facilitate users’ withdrawal of consent

IAB TCF v2.2 support facilitates improved privacy compliance, transparency, and standardization in the digital advertising ecosystem while giving users more control over their data. Not adhering to IAB policies carries significant repercussions (losing customer trust and compliance), as it can lead to expulsion of the CMP from the list of IAB TCF v2.2 compliant CMPs.

IAB TCF V2.2 Compliance

By November 20th, TrustArc and other CMPs will be obligated to update customers using our IAB TCF solution to TCF v2.2. This is a requirement for all CMPs registered with the IAB.

IAB TCF v2.2 support ensures that your consent management platform aligns with the latest IAB TCF standards. If you’re a publisher and target users in the EEA or UK using TrustArc’s IAB TCF solution, we strongly recommend you begin testing IAB TCF v2.2 in time for the November 20th IAB deadline.

TrustArc, as an IAB registered and a Google certified CMP, will provide the user interface compliant with IAB, help identify and display your IAB advertising partners using our scanning technology, and provide the consent signaling to the downstream Ad partners in adherence with the TCF standards.

Complying with the Latest Google CMP Requirements: Best Practices for Organizations

With increasing regulations and enforcement actions on cookies, tracking technologies, and ad tech – TrustArc Cookie Consent Manager ensures your marketing and advertising remain compliant:

  • Conduct comprehensive scans of online trackers on your website, such as e-tags, JavaScripts, and beacons, to identify unknown or suspicious trackers to meet compliance requirements, such as those outlined in CCPA (California Consumer Privacy Act).
  • Automatically categorize cookies into required, functional, and advertising categories, eliminating the need for manual intervention. Simply review the categorized cookies.
  • Enable automatic blocking functionality to accommodate various consent use cases, including “zero-cookie load.”
  • Adhere to global privacy signals like the Global Privacy Control (GPC), honor Do Not Track requests, and respect opt-outs for selling or sharing data.
  • Ensure compliance with regulations such as GDPR (General Data Protection Regulation) and CCPA to avoid costly legal disputes and damage to brand reputation.

Get the latest resources sent to your inbox

Subscribe
Back to Top