Didomi acknowledges the decision announced today by the Belgian Data Protection Authority (APD) in connection with its investigation of IAB Europe.
We understand that the Belgian DPA has found that the Transparency and Consent Framework (TCF), developed by IAB Europe, fails to comply with a number of provisions of the GDPR.
The Litigation Chamber of the BE DPA found that IAB Europe is acting as a data controller with respect to the registration of individual users’ consent signal, objections and preferences by means of a unique Transparency and Consent (TC) String, which is linked to an identifiable user. This means that IAB Europe can be held responsible for possible violations of the GDPR. IAB Europe rejects the finding that they are a data controller in the context of the TCF.
We have reviewed this decision and are currently in the process of evaluating what this means in concrete terms for both Didomi and our clients.
Our clients will always be our priority, and we urge you to approach us should you have any questions regarding this decision and what this might mean for your business. Please reach out either to your Customer Success Manager, or to Didomi Chief Privacy Officer Thomas Adhumeau directly (firstname.lastname@example.org).
We have a dedicated team considering all aspects and analyzing the impact of this decision. Didomi will communicate further in the coming days.