How did Adwords change bidding at the end of 2023? (performance analysis)
What is AdWords? Google AdWords, now known as Google Ads, is an online advertising platform by Google. It allows businesses…
Google has announced that it will participate in the IAB Europe Transparency & Consent Framework v2.0, and will comply with its Specifications and Policies. We can read that Google will begin reading and passing the TC string for all ad requests starting from when IAB fully transitions from TCF v1.1 to v2.0. This change was scheduled to take effect at the end of June, but due to the ongoing lockdown, a decision was made by IAB to postpone the transition to August 15th.
What is the Transparency and Consent Framework (TCF) and why has it been updated to v2.0 ?
The Transparency and Consent Framework (TCF) is a list of technical specifications and policies developed by IAB Europe in order to support all digital advertising companies so that they are compliant with the European Union’s General Data Protection Regulation (GDPR) and the ePrivacy Directive (ePD) when processing personal data. The first version of the TCF was launched on 25 April 2018 and it provides a means of transmitting signals of consent from a user to vendors working with publishers using a Consent Management Platform (CMP). The TCF was updated to v2 after collecting feedback from all the stakeholders from the Digital Advertising industry; and its goal is to provide enhanced transparency and choice to consumers as well as greater control to publishers. In this IAB’s FAQ you can find very comprehensive and exhaustive answers to all the questions related to TCF v1 and v2.
What is the Consent Management Platform (CMP) and why is it so important to implement it?
The Consent Management Platform (CMP) centralises and manages transparency for the consent and refusal of the users of a website, which is an important step for every Publisher to follow in order to be compliant with GDPR.
The CMP’s role is to:
– Provide users with transparency into the vendors that a Publisher has chosen to work with;
– Provide transparency into the purposes and legal basis that a vendor wishes to leverage – the names and descriptions of purposes and features: (TCF v1.1 Policy) for TCF v1.1 and here (TCF v2.0 Policy) for TCF v2.0;
– Store a user’s consent signals, for example a third-party cookie, in the user’s browser and make consent information available to vendors in the Consent String for TCF v1.1 and the TC String for TCF v2.0;
– Ensure that consent for a purpose applies only to the vendors that have declared – via the Global Vendor List (GVL) – that they use data for that purpose.
Yieldbird takeaways
Publishers can choose from a number of the CMP solutions available on the market; or build their own tool adapted to their specific needs. We strongly recommend using only the solutions present on the IAB’s list and/or to validate the own CMPs using the instructions made by IAB.
Since the proper implementation of CMP is always a challenge and you need to take into consideration a series of information, we strongly recommend using the checklist prepared by Google, which is quite helpful when it comes to making sure that all important aspects have been taken into consideration.
GDPR has been with us for some time now. A number of our Publishers have explicitly chosen not to implement CMP because of the short-term negative impact on revenue. And so, should we choose short-term victory over long-term business security? This is always the Publisher’s decision, however for us the approach that should be taken is obvious: to set up a CMP and follow all the requirements stated in both GDPR and related policies.
What are the technical differences between TCF v 1.1 and TCF v 2.0?
TCF v2.0 operates in almost exactly the same way as the earlier version. It uses a binary system of data storage – which is where data is converted into bits (binary digits that are either 0 or 1). This creates a string of bits, now called the TC String, which follows the same programming principle as the “daisy bit” in TCF. To aid the transmission through the internet of the binary storage (1s and 0s), they are converted into a compressed string of letters and numbers. All vendors and CMPs in the supply chain will need to decode the string to render the data that will inform what the user has/has not consented/objected to and what the Publisher has/has not given permission to. The encoding is done by using base64. There is no change in this mechanism from TCF 1 to TCF v2.0.
The main difference is to be found in the fact that the TC String in TCF v2.0 is longer than the “daisy bit”. This is because it contains much more information than was captured by the first version of the TCF. The increase in the data stored in the string equates to the greater granularity of detail that provides use transparency and choice. It also provides those working in the advertising supply chain with increased transparency, whilst increasing the permissions and controls which a Publisher can exercise.
What happens on 15 August 2020?
On 15 August 2020, the IAB will stop providing any technical support for the Global Vendor List (GVL) and other infrastructure necessary to implement the TCV v1.1. We can also read that the consent strings in v1.1 will also be no longer valid after 30 September 2020. This is important information especially for all CMPs that need to be adapted to the TCF2, as well as vendors that have to adapt to the new type of consent.
Most SSPs have already confirmed their readiness to adapt to the change, while Google (which is not part of IAB) has also announced that GAM will be compatible with TCF2 once the IAB fully transitions from TCF1 to TCF2. The exact date has not been given by Google as yet, but it will rather happen after IAB’s autumn date. Until then, so we can read, if a Publisher deploys an IAB TCF v2.0 consent management platform (CMP), there will be no change in their existing ad serving behavior (unless a Publisher enables a beta).
So, what steps should you take? Please make sure that your CMP can adapt to TCF v.2.0 and ask the same questions to all vendors that you cooperate with.
What happens if the Publisher does not have a proper CMP in place?
In order to be compliant with GDPR, all online Publishers should have CMP properly implemented on their pages [at least for the traffic from EU and UK], since they can’t serve any kind of personalised ads and store users’ cookies without the consent of the same users. First of all, we recommend that you have the CMP platform in place; that it’s been correctly implemented and has properly passed consent strings [now the TC string] so as to require that every partner is compliant with the most updated version of TCF.
The first motivation should be your own business security. This compliance is required by other vendors, including Google, who simply might cease transacting with you.
Google’s statement on this matter is very straightforward and requires from Publishers the proper sending of their users’ consent. Failure to comply with the abovementioned requirement means that Google may drop the ad request and no ads will be passed on – as they mention on their EU User Consent Policy. Yes, we are aware that Google has announced this move several times; and yet a drop in demand has not been observed. However, you don’t know the time and the day when Google will take action. Having the CMP in place with the proper consent string will eliminate this risk.
But just to clarify: Google doesn’t require explicitly that Publishers have a TCF 2.0 compatible CMP installed; but some form of gathering of all the user content and passing it onwards to the adserver is required.
Being in close touch with other Supply Side Platforms on the Programmatic market, we also have some insights from their end. For example, we learned that one of the Publishers on the CEE markets had noted a revenue drop when they had corrected the previously incorrect CMP setup; which resulted in a sudden drop of properly passed on consent strings from 100% to less than 40%. This is one of the most prominent cases that we are aware of, which proves that there’s a need to make sure that consents are managed and passed onwards in the proper manner.
Yieldbird’s recommendation: Make sure to have a properly implemented CMP in place.
The integration between the CMP and the Content Management System (CMS) that a Publisher uses is always challenging. To this end, we have carried out market research aimed at finding the optimal CMP solution, one that will be fully compliant with TCF v2.0:
A full list of TCF 2.0-compliant CMPs can be found on the IAB website: click here.
If a CMP is present on the list, this means that it has passed the compliance checks required by IAB, Europe’s CMP Compliance Programme,; and that this CMP will be sufficient for storing and processing user-consent information.
Below is a list of three CMPs that we regard as being the most promising (in no particular order):
One Trust (2.0)
Quantcast (2.0)
Cookiebot (2.0)
Some of these CMPs offer free versions that differ from the paid ones with respect to the features available. However, the free versions should also fulfil the basic required role.
If you choose to use another CMP, please ensure that it has been registered and is compliant with the TCF v2.0. This can be confirmed by making reference to the abovementioned IAB website.
For any questions or enquiries related to the topic, feel free to contact us at hello@yieldbird.com
