Ready for the new Google Consent Mode v2? Learn more »
News

Webinar TCF Policy 3.5 vs. 4.0


New changes you need to know

The digital advertising industry has seen many changes over the past few years, particularly on privacy and data protection. The Transparency and Consent Framework (TCF) was introduced to address these concerns and bring a standardized approach to data governance.

In this webinar, the TCF Governance Board addresses the new changes to the latest version of TCF Policy 4.0 compared to TCF Policy 3.5 to address the concerns of the Belgian Data Protection Authority and other data protection authorities.

a purple background with the text iab europe Overview of the main differences between the Policy 3.5 and 4.0

The speakers include everyone actively involved in developing and updating the TCF policy: Christop Zippel, Senior Legal Advisor at RTL, Elena Turtureanu, VP Legal and Data Protection at Adform, Jan Winkler, CEO of consentmanager and Peter Craddock, Partner at Keller and Heckman LLP.

The changes are effective immediately and require all stakeholders, ie CMPs (Consent Management Platforms), vendors and publishers, to update their data practices accordingly.

The main differences between TCF Policy 3.5 and 4.0

Legitimate interest as a legal basis for purposes 3, 4, 5 and 6 is removed, which means that companies must obtain users’ explicit consent for these purposes.

TCF Policy 4.0 also brings some updates related to the presentation of legal texts. The standard texts for purposes and functions become more user-friendly, clearer and easier to understand. The legal text has been removed for this. All languages ​​have a transition period that will be phased in as the changes are finalized.

Another important change in TCF Policy 4.0 is the new First Layers requirement to disclose the number of vendors involved in data processing. Publishers should therefore only display the providers that are actually used. This information must be clearly displayed in the first level of the user interface, since users usually have no idea of the number of providers.

TCF Policy 4.0 also includes policy improvements related to consent withdrawal, making it easier for users to change their preferences. If you display an “Accept All” button, you must also display a “Reject All” button. The reason for this was that some websites displayed cookie banners where the decline button on the first level was not displayed when entering the website.

And how can TCF members use the new version 4.0 of the TCF Policy?

CMPs can integrate the new version of the Global Vendor List (GVL), which contains more information about vendors, and incorporate new user-oriented information into their user interface. Vendors can ensure their live installs pull the TC string in real-time to ensure accurate data processing, and publishers can ensure their CMP UI can be easily updated by users.

Watch the webinar detailing the requirements for the different TCF members.

TCF Policy 4.0 is a significant advancement over its predecessor. The changes were made to improve user privacy and data protection. This article provides an overview of the key differences between TCF Policy 3.5 and 4.0 and how they may affect your business. Watch the webinar and learn about all the changes between TCF Policy 3.5 and 4.0.


more comments

EDPB opinion on pay or consent model
Legal, News

The latest decision of the EDPB on “consent or pay” models for online platforms

The Dutch, Norwegian and German (Hamburg) regulators asked the European Data Protection Board (EDPB) for guidance on whether large online platforms can implement ‘consent or pay’ models for behavioural advertising based on valid and freely given consent. This was prompted by Meta’s introduction of a subscription model in October 2023, where users were given the […]
New regulations US 2024
Legal

New US data protection laws come into force in 2024: Update your US-specific privacy settings

In the United States, new data privacy laws will take effect in the second half of 2024 – in Florida, Texas, Oregon and Montana . Companies that operate in these states or have customers in these states will need to review their data privacy practices to ensure compliance with the new data privacy laws. To […]