Windows SDK now available
consentmanager now offers a Windows SDK, enabling compliant consent management in native Windows applications. This expands our platform coverage beyond web and mobile and allows you to implement standardized consent flows across additional environments.
Withdrawal button required for online shops from June 2026
From June 19, 2026, the EU Directive 2023/2673 requires online shops to offer a clearly visible withdrawal button, making contract cancellations as simple as placing an order. The requirement also applies to customer portals, comparison platforms and financial services.
In Germany, non-compliance can lead to fines of up to €50,000 or 4% of annual turnover. Other member states may set different penalties.
If you run an e-commerce site or online service, now is a good time to review your checkout flow and overall compliance setup.
HP case study: Compliance at enterprise scale
In our latest case study, HP shows how they use consentmanager to monitor compliance across more than 1.2 million pages. With our Compliance Monitor, HP automates domain scans, detects cookies and third-party vendors, and gains centralized visibility across global web properties. The result: 65% less audit time and 60% fewer compliance gaps.
IAB TCF 2.3: automatic upgrade on February 26 2026
On February 26, we’ll complete the transition from IAB TCF 2.2 to IAB TCF 2.3. All accounts currently on TCF 2.2 will be upgraded automatically, and TCF 2.2 will be removed from account settings. Going forward, TCF 2.3 will be the only available version. No action is needed on your side. The upgrade runs entirely in the background, with no changes to your setup, implementation, or existing codes. If you’ve already upgraded to TCF 2.3, nothing further is required.
UK ICO launches privacy checks on mobile games for children
With 90% of UK children playing games on their phones and tablets, the Information Commissioner’s Office (ICO) wants to assess whether these apps are adequately protecting young users. The regulator has announced a monitoring program targeting ten popular mobile games to examine their default privacy settings, location tracking, and targeted ads.
If your app reaches children, review your setup against the ICO’s Children’s Code now. Scan your app with our App Compliance Monitor to identify risks before regulators do.
Digital Markets Act review: 450+ responses published
The European Commission has published over 450 responses to its Digital Markets Act (DMA) review consultation. The DMA targets “gatekeepers” like Google, Meta, Amazon and Apple, companies with large user bases and significant market power. Many respondents are pushing for stronger data access, better interoperability and expanded rules covering AI and cloud services. The review report is due by May 3, 2026. For a deeper look at what the DMA is and who it affects, take a look at our overview article.
CJEU ruling expands data responsibilities for online platforms
In case C-492/23, the EU’s highest court ruled that online platforms could be held jointly responsible for the personal data contained in advertisements posted by users. The reasoning behind this is that if you control how ads are displayed, categorized and shared, you are helping to determine how that data is processed. This means that platforms may need to verify the identity of those posting ads and screen for sensitive data before publication.
What’s new this month
Here’s a quick summary of recent improvements:
- New: Extend staging to designs
- New: IAB GPP new sections for MD, IN, KY, RI
- Improved: CCPA GPC display signal
- Improved: Keep users from zooming in the consent layer
- Improved: HAR crawl import
- Fix: Design editor warning
- Fix: Global rights view all/edit all
These updates are already available and do not require any changes to your current setup.
