On May 16th, 2023, the IAB introduced TCF 2.2 to continue helping everyone in the digital ecosystem comply with the privacy rules of the ePrivacy Directive and GDPR.
The TCF working groups invested significant effort to make things more standard. They wanted to make sure that when websites use your personal info, they tell users clearly. They also wanted to figure out the best way to ask for user permission and respect their choices.
- What is TCF 2.2?
- How is TCF 2.2 different than older versions?
- How does TCF 2.2 affect users?
- How does TCF 2.2 affect publishers and advertisers?
- Why should publishers care?
- Take steps to implement TCF 2.2
If you are interested in understanding TCF 2.0, refer to these TCF 2.0 FAQs.
What is TCF 2.2?
The IAB's Transparency and Consent Framework (TCF) serves as a guide for publishers and advertisers, helping them adhere to privacy laws like GDPR and the ePrivacy Directive.
The latest iteration, TCF 2.2, was released on May 16, 2023, and it introduces changes that improve user experiences by allowing them to access and manage their information more easily.
The deadline for implementing TCF 2.2 is November 30, 2023.
How is TCF 2.2 different from older versions?
TCF 2.2 incorporates numerous changes to enhance user interactions with their data. Notable changes include:
No more use of "legitimate interest" for ads and personalized content:
In TCF 2.2, only explicit consent can be used to process data for ads and personalized content. GDPR regulators have emphasized that clear visitor consent is paramount.
What does this mean?
For instance, if a user adds shoes to their cart but abandons it, the brand cannot display ads for those shoes unless the user explicitly consents to personalized ads.
Clearer and user-friendly language:
TCF 2.2 introduces improved terminology, descriptions, and explanations of purposes and features. Instead of complex legal terminology, users receive easily understandable explanations and real-life examples, making it simpler for them to grasp the implications of their consent.
Publishers and advertisers are required to use straightforward language to communicate their data usage intentions. No complicated legal jargon!
Standardized vendor disclosure:
TCF 2.2 mandates that vendors provide additional specifics about their data processing. This includes:
- Categories of collected data
- Retention periods for each purpose
- Legitimate interests involved (if applicable)
This information helps users to make more informed decisions about their data.
The goal is to ensure users can identify the types of data collected about them and have the option to modify this information. Users should have control over their data, not the digital industry.
CMPs to disclose the number of vendors:
Consent Management Platforms (CMPs) are now obligated to display the total number of vendors seeking legal grounds on their first layer and the total count of vendors for each purpose on secondary layers. This transparency allows users a clear overview of the parties engaged in handling their data.
Data often passes through various vendors and CMPs when personalized or targeted ads are involved. However, users typically lack clarity about who precisely accesses their information. This new update makes sure users can see who all are involved in showing targeted content.
In addition to policy amendments, TCF 2.2 introduces technical specification updates:
- Farewell to “getTCData”: Vendors will now utilize event 'listeners' (where applicable) for Framework implementation. This offers a streamlined and efficient approach.
- GVL version elevated to version 3 with added vendor information:
- Novel data fields provide insight into diverse data categories.
- Data retention durations for each purpose.
- Support for declaring URLs in multiple languages.
These TCF 2.2 updates aim to improve user experience, elevate transparency, and provide clearer guidance for Vendors, Publishers, and CMPs.
How does TCF 2.2 affect users?
TCF 2.2 delivers improved experiences for end-users in the following ways:
- Enhanced data insights: Users gain access to more comprehensive details about the collection and utilization of data.
- Understanding data categories: Users can identify the types of personal data in use and have choices to manage it.
- Transparent vendor information: The initial consent messages now reveal the total count of companies requesting permission.
- User-friendly control: Users can swiftly alter decisions and manage choices through the CMP user interface.
- Revoking consent: Users can readily withdraw their permission whenever desired.
How does TCF 2.2 impact publishers and advertisers?
TCF 2.2 changes things for publishers and advertisers. They have to follow new rules for collecting and using data, such as:
Publishers need to update their Consent Management Platform (CMP) to align with new rules. This means showing the total number of companies, making info easy to understand, and letting users change their choices.
Advertisers need to use companies that follow TCF 2.2's rules. They must also make sure they have permission from users for ads and personalized content.
Other companies involved in dealing with user data (CMPs and vendors) need to change their systems to match the new rules. They have to give more details about how they use data, use new ways to get data, and stop using old commands like “getTCData”.
Why should publishers care about TCF 2.2?
The shifts in TCF 2.2 significantly impact online publishers showing targeted ads.
User trust: The recent TCF update prioritizes transparency. This presents an excellent chance for publishers to grasp their users' preferences, cultivate an environment of utmost transparency, and foster trust.
Revenue changes: Reduced targeted advertisements will inevitably influence publishers' earnings. Nonetheless, this setback can be mitigated by enhancing user engagement, delivering genuinely valuable experiences, and exploring alternative approaches to grow new revenue streams. Ask us how.
Handling consent: Ensuring your consent management platform aligns with the updated laws is essential. You should either update it yourself or coordinate with your platform provider to make the necessary changes. Make sure you check that your CMP and other vendors are TCF 2.2 compliant. Here is an IAB list of compliant vendors, and the list of Consent Management Platforms (CMP).
Remember, non-compliance can result in fines. Therefore, publishers, advertisers, and entities involved in ads should embrace these new rules.
For further insight, here is an IAB-hosted webinar to help publishers in implementing TCF changes:
TCF 2.2 Webinar for Publishers - how can publishers adjust their TCF implementation?
Take Steps to Implement TCF 2.2
In the ever-evolving realm of online privacy and data protection, TCF 2.2 emerges as a pivotal milestone, reshaping interactions with digital advertising. For publishers, advertisers, and vendors, these changes represent a proactive stance toward transparency and user empowerment.
Related article: How GDPR compliance can boost your business.
Publishers, the foundation of online content, face a decision point. Adapting to TCF 2.2 is not just about compliance; it's an opportunity to foster a relationship of trust with their users.
As the November 30, 2023 deadline approaches, the imperative is to finish implementation as soon as possible. TCF 2.2 not only meets regulatory demands but also opens doors for more ethical, respectful, and user-centric practices.
Admiral was one of the first 10 IAB-certified CMPs in the world and is also a Google-certified CMP provider.
What Admiral's Google Approved status means for you:
- Customers that are currently using Admiral’s CMP: Great news, you’re all set!
- Customers that are actively using any one of Admiral’s modules: Our Customer Love team can turn on and configure your CMP in minutes.
- Admiral is also compliant with IAB's Global Privacy Platform (GPP) across the US.
- For publishers looking for a Google-certified CMP: Schedule a demo today.