Policy

Privacy & Data Protection

Privacy and data protection rules play an important role for the digital advertising industry as delivering relevant advertising and measuring its effectiveness requires the processing of data. Processing data is a crucial for digital advertising to be efficient in funding digital content, services, and applications, making them widely available at little or no cost, as well as driving growth within the digital economy.

ePrivacy Regulation

The ePrivacy Directive (Directive 2002/58/EC), also nicknamed the “Cookie Directive” because of its rules on storing and accessing data on a users’ device, such as so-called Internet cookies, is a directive primarily regulating the processing of personal data in the electronic communications sector, i.e. by telecommunications providers.

The ePrivacy Directive is of import to the digital advertising industry because of the aforementioned rules on cookies, which are of general application and not limited to the electronic communications sector. Cookies play an important role in websites delivering a personalized experience, including relevant advertising. The ePrivacy Directive stipulates that member states must create rules that require website operators to inform the user concerned about the use of cookies and obtain their consent for the use of (most) cookies.

Now, the Commission has proposed repealing and replacing the Directive with an ePrivacy Regulation. As a matter of EU law, Regulations can be relied upon directly by citizens, meaning that EU Member States no longer have a role in interpreting its application to fit within their national legal order. In its current form, the Regulation would require the consent of users in line with the rules of the General Data Protection Regulation for the lawful use of cookies, advertising identifiers (e.g. IDFA and AAID), device fingerprinting, etc. to collect information (not just personal data) and to deliver targeted advertising.

The proposed Regulation would also mandate browsers and other software to provide the option to actively prevent data collection through cookies et al., and to force users to make a choice as to their preference during set up. This would be the case not just for web browsers, but for any application or device which can connect to the internet.

For more information on the political and legal aspects of the proposal, check out IAB Europe’s ‘Cookie Regulation FAQ’.

General Data Protection Regulation

The General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) had been more than four years in the making when it finally entered into force on 25 May 2016. After a 24 months transition period, the GDPR will replace the existing patchwork of different national data protection laws in Europe, which are implementing the 20 year old European Data Protection Directive, with a single, directly applicable European law as of 25 May 2018.

IAB Europe has been advocating for a GDPR that provides a high level of data protection for Internet users while enabling digital advertising to continue playing its important role for the Internet ecosystem in the future. To this end IAB Europe has supported a risk-based approach to data protection, which would focus regulatory scrutiny and enforcement on data processing based on the meaningful risks for data subjects. IAB Europe has also been stressing the importance for the new law to provide clear rules that provide legal certainty for companies.

Resources

PRIVACYSHIELD

For more information please contact
Matthias Matthiesen
After the 25th of May 2018, data protection authorities will have the power to fine companies up to €20,000,000 for breaching the new data...
5 January 2018
IAB Europe Webinar Recording: GDPR Webinar Series IV – Consent Solution
After the 25th of May 2018, data protection authorities will have the power to fine companies up to €20,000,000 for breaching the new data...
5 January 2018
IAB Europe Webinar Recording: GDPR Webinar Series III – Consent
This working paper has been prepared by the Members of IAB Europe’s GDPR Implementation Working Group (GIG), under the leadership of M...
28 November 2017
IAB Europe GIG: Working Paper on GDPR Consent
This webinar provided insights into the results of two of the studies commissioned by IAB Europe to explore data-driven advertising’s co...
16 November 2017
IAB EU Webinar recording: Digital Advertising in European Media Ecosystem & Economy
After the 25th of May 2018, data protection authorities will have the power to fine companies up to €20,000,000 for breaching the new data...
8 November 2017
IAB Europe Webinar Recording: GDPR Webinar Series II – Personal Data
Brussels, 26 October 2017 – IAB Europe regrets the European Parliament’s decision to approve the controversial and extreme report o...
26 October 2017
IAB Europe Press Release: European Parliament positions itself against the ad-supported interne...
An in-depth study by GfK, based on online surveys with over 11,000 internet users, explored the types of content consumers access online, ...
23 October 2017
IAB Europe Webinar Recording: Data-Driven Advertising – Europe Online: An Experience Driven b...
After the 25th of May 2018, data protection authorities will have the power to fine companies up to €20,000,000 for breaching the new data...
12 October 2017
IAB Europe Webinar Recording: GDPR Webinar Series I – GDPR compliance
On 10 October 2017, eight associations, among them IAB Europe, representing stakeholders of the European publishing, media, and advertising ...
10 October 2017
8 European associations ask MEPs to recognise the right of online services to decide their busi...
On Friday September 29th, the Industry Coalition for Data Protection of which IAB Europe is a member wrote an open letter to Members of the...
3 October 2017
Industry Coalition for Data Protection writes letter to MEPs on ePrivacy
On 13 September at #dmexco, IAB Europe CEO, Townsend Feehan hosted The Privacy Debate – Preparing for GDPR: Embracing the inevitable reg...
22 September 2017
Video: The Privacy Debate – Preparing for GDPR: Embracing the inevitable regulations / dmex...
The GDPR Compliance Primer has been prepared by the members of the IAB Europe GDPR Implementation Working Group, under the leadership of Imp...
18 September 2017
IAB Europe’s GDPR Compliance Primer
X

Thank you for your interest in our article. We’d love to get in touch with you to find out how you are using our research. If you don’t mind us sending you an email to ask you if the article was helpful, then please enter your email address and download the report.

We promise we won’t spam you!

Login

Become a Member Lost your password?