At Long Last, Google And IAB Europe Agree To Share Consent Systems

The Google consent management platform (CMP) Funding Choices will finally integrate with the IAB Europe’s Transparency & Consent Framework (TCF), the collaborative industry solution for passing consent data signals in the supply chain.

Google also said Thursday that Funding Choices now includes compliance with the California Consumer Privacy Act (CCPA). When traffic is from the EU or from California, Google will serve consent messages (aka pop-ups) that request explicit consent in the EU or offer the opportunity to opt-out of ad targeting in California, in accordance with respective laws.

Publishers can start testing the TCF integration today, according to a blog post announcing the news. And when the second version of the TCF launches in August, Funding Choices will be a CMP option and any other IAB-certified CMP will be able to use consent information collected by the Google publishing network for non-Google ad tech campaigns.

The integration offers publishers “a common language” so that consent data can be used for personalized advertising and ad measurement, writes Vegard Johnson, Google’s senior product manager for ads privacy and safety, in the blog post.

The IAB Europe and the IAB Tech Lab, which jointly oversee the TCF policies and the CMP program, published the TCF 2.0, the updated version, a year ago, and at the time Google was expected to integrate by the end of Q1 2020.

Ad tech vendors
originally expected Funding Choices to sync with industry CMPs and the ad tech ecosystem in August 2018, and for two years the the two sides circled a deal without managing to bring Google on board.

The integration is important for the ecosystem not just because now Google consent signals can be conveyed clearly to general ad tech vendors, and via other CMPs (so publishers don’t have to use the Google-owned product).

Google’s hesitation and delays in joining the IAB CMP program was seen as an unspoken rejection of the TCF. Publishers trust Google to manage its GDPR exposure, so they were largely defaulting to Google’s consent system, instead of using the industry solution.