• Henry Park

IAB consent framework found invalid


In what should have been a non-story. The Transparency & Consent Framework (TCF) by the Interactive Advertising Bureau (IAB) was found to violate the GDPR.


When it was first released in 2018, there were numerous articles criticizing the TCF (link). Then in 2020, there were stories that the Belgium Data Protection Authority (DPA) had found issues with it (link). Well, it appears true because the Belgium DPA recently found in 2022 that the TCF violates the GDPR because it fails to comply with GDPR principles of transparency, fairness and accountability, and also the lawfulness of processing; and fails to provide adequate rules of processing of special category personal data (link). The IAB will appeal this finding, but it almost certainly dooms this version of the TCF.