The way online advertisements are organised violates European privacy legislation, according to the Belgian Data Protection Authority. The representative of the advertising industry, IAB Europe, has been sentenced to a fine and must adjust the system. This could have far-reaching consequences.
Returning adverts
Every time you visit a website, behind the scenes, a battle among advertisers erupts to show you their banner. This real-time bidding system happens automatically and is activated as soon as you click accept in the pop-up window that inevitably appears when surfing online. The cookies and trackers, for which you have given permission, track which other sites you visit, where you are and what kind of device you use, among other things.
That way, advertisers determine – all within a split second – how interesting you are to them and how much they are willing to pay to show their ad to you. The highest bidder takes the advertising space. That is how an advertisement for a particular hotel or pair of joggers can follow you everywhere. The way this happens, however, turns out to be improper.
Fine of 250,000 euros
With the stored data (in a so-called Transparency and Consent String or TC String), it is possible to identify an individual user, which is not allowed according to the European privacy legislation GDPR. Consequently, sector organisation and developer of the system IAB Europe has now been sentenced to a fine of 250,000 euros, reports Data News. IAB must develop a plan to comply with GDPR within two months, after which the approved plan must be implemented within six months. If not, additional fines of 5,000 euros per day will follow.
Remarkably, the Belgian Data Protection Authority, following complaints from a range of international privacy activists, holds IAB Europe accountable. That is because IAB Europe is based in Brussels. Nevertheless, the ruling applies directly to the entire European Union.
Demand for change
The consequences could be far-reaching since almost every website and online advertiser uses the same system. That system must now be radically revised: according to the data authority, even a pop-up window asking website visitors for their approval cannot be allowed because it is too vague and non-transparent. Likewise, the argument of legitimate interest, which many websites refer to these days, is not legally valid.
Cookies have been in the eye of the storm for some time now. Google previously announced that it would eventually stop using third-party cookies, although this switch has been delayed due to a lack of an approved alternative. At the same time, various consumer associations are increasing the pressure to abolish personalised advertising altogether, as the European Commission takes a close look at the legal framework for e-commerce and online advertising.
You can read more about the changing rules, standards and expectations surrounding online advertising and privacy in the new book The Future of Shopping: Re-set Re-made Re-tail by Jorg Snoeck and Pauline Neerman, which will be published this spring.
