It is pointed out that the IAB Europe version of that ``popup asking for consent'' that is displayed first when you look at the page violates the GDPR

In Europe, the pop-up requesting consent for the use of personal information of users who visit websites has been formulated mainly by an advertising agency called IAB Europe . IAB Europe has been fined about 32 million yen because this framework ' TCF ' violates Europe's ' EU General Data Protection Regulation ' .

GDPR enforcer rules that IAB Europe's consent popups are unlawful - Irish Council for Civil Liberties
https://www.iccl.ie/news/gdpr-enforcer-rules-that-iab-europes-consent-popups-are-unlawful/

APD Ruling Clears Way For Work on Developing TCF into a Formal GDPR Code of Conduct: IAB Europe Statement on the APD Decision Announced Today – IAB Europe
https://iabeurope.eu/all-news/apd-ruling-clears-way-for-work-on-developing-tcf-into-a-formal-gdpr-code-of-conduct-iab-europe-statement- on-the-apd-decision-announced-today/

With the evolution of technology, the infringement of Internet users' privacy by companies has become a problem, and GDPR was enacted in Europe in 2016. The enforcement of GDPR has regulated the online activities of companies, and the media and ad tech companies that operate advertisements have been particularly affected.

And on February 2, 2022, the Belgian data protection agency announced to IAB Europe, an association of the advertising ecosystem, that it had developed a targeting tool that violated privacy laws, and paid 250,000 euros (about 32 million yen). was fined. IAB stands for 'Interactive Advertising Bureau' and mainly develops technical standards for online advertising, conducts trend surveys and develops laws.

The problem is the framework formulated by IAB Europe and IAB Tech Lab called 'Transparency & Consent Framework (TCF / Transparency and Consent Framework)'. Website operators will acquire information about users who visit the website, but GDPR requires the user's consent to use this information. The TCF stipulates the process by which this consent is made.

The Belgian data protection agency has investigated and determined that the TCF violates the GDPR because it ``cannot ensure the confidentiality and security of personal data'' and ``does not provide transparency on what happens to people''. Did.

TCF aims to promote real-time bidding (RTB), an advertising mechanism. Google, an advertising company, also plays a central role in RTB, but is being investigated by antitrust law for its inappropriate practices.

Further details about ``Project Bernanke'' suspected of violating antitrust laws as Google unfairly prioritized its own advertisement revealed-GIGAZINE

In response, IAB Europe ``accepts the decision of the Belgian data protection authority. Please note that the authorities have acknowledged that it has been done,' the statement said. On the other hand, he denied the authority's decision that ``IAB Europe is responsible for the data,'' saying, ``In the context of the TCF, we are not the data controller.'' The company is considering a legal challenge, arguing that this decision has serious and unintended consequences far beyond the digital advertising industry.