Belgian DPA Decision on IAB Europe Transparency Consent Framework (TCF)

What was the Belgian decision on the IAB Europe’s Transparency Consent Framework (“TCF”)?

Background Information 

Due to the General Data Protection Regulation (GDPR) and other applicable laws, Customers need a consent banner if they are located in the EU or have EU end users visit their site(s) and want to track them via the NextRoll pixel. Customers may choose to use (i) a TCF compliant third party consent banner or (ii) the TCF compliant NextRoll consent banner

 What is TCF?

The European Interactive Advertising Bureau (IAB) is the leading European-level association for the interactive advertising ecosystem. They created a framework (known as the “TCF”) to obtain the consent required under GDPR.  NextRoll follows the TCF guidelines and, therefore, NextRoll’s consent banner is TCF compliant.     

Belgium’s DPA decision

On February 2, 2022, the Belgian Data Protection Authority (DPA) ruled that the TCF is in violation of GDPR and that the IAB must take measures to bring the TCF into compliance. The DPA did not ban the use of the TCF nor was its ruling issued against businesses that use it. The ruling was against the IAB only.  The IAB has two months to submit a remediation plan to be approved by the DPA.  Once approved, the IAB will have six months to implement the plan. 


Does this decision impact me?

This decision impacts you if you are a customer using a consent banner. 

Reminder: As a customer you only need a consent banner if you are located in the EU or have EU end users visit your site(s) and want to track them via the NextRoll pixel.

 

What does this mean for me if I am a customer using the NextRoll consent banner?

Your continued use of the NextRoll consent banner should not trigger liability for GDPR violations based on the Belgium DPA’s decision. The Belgium decision was against the IAB only, not businesses who use TCF compliant consent banners. For further information, please view the IAB’s Frequently Asked Questions (See Are TCF participants at risk now towards their local Data Protection Authority?)  

 

What does this mean for me if I am a customer using a custom consent banner that is TCF compliant?

If you are a customer using a TCF compliant banner from a third-party you should not be liable for GDPR violations based on the Belgium DPA’s decision. The Belgium decision was against the IAB only, not businesses who use TCF compliant consent banners. For further information, please view the IAB’s Frequently Asked Questions (See Are TCF participants at risk now towards their local Data Protection Authority?)

 

Who can I contact with questions?

We are committed to supporting your data protection needs.  To learn more about our data privacy efforts, please visit the Privacy and Security section of our Help Center and see our Privacy Notice

If you have any questions regarding how this decision may impact you, please contact the RollWorks Customer Support team.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

Chat with an agent
Mon - Fri 10am - 6pm EST
Send a support email
Mon - Fri 10am - 6pm EST
Community
Get the latest product news and join other ABM practitioners