Submit Search
Upload
For Superweek 2022: discussing risk using IAB's TCF
•
2 likes
•
1,569 views
Aurélie Pols
Follow
IAB'S TCF, FROM STANDARD (?) TO UNLAWFUL PROCESSING: WHO ENDS UP WITH NON-COMPLIANCE RISKS?
Read less
Read more
Data & Analytics
Report
Share
Report
Share
1 of 29
Download now
Download to read offline
Recommended
게임엔진과 공간정보 3D 콘텐츠 융합 : Cesium for Unreal
게임엔진과 공간정보 3D 콘텐츠 융합 : Cesium for Unreal
Kyu-sung Choi
Digital Twin For The Railway Network
Digital Twin For The Railway Network
Dattaraj Rao
오픈소스GIS 개발 일반 강의자료
오픈소스GIS 개발 일반 강의자료
BJ Jang
Leveraging Graph Analytics for Fraud Detection in PaySim Data
Leveraging Graph Analytics for Fraud Detection in PaySim Data
Neo4j
CKAN overview
CKAN overview
Augusto Herrmann Batista
Carvana slides
Carvana slides
Jiabin Zhu
Nbs ID Card - Printer and Embosser
Nbs ID Card - Printer and Embosser
Digital Factors
Developing Spatial Applications with Google Maps and CARTO
Developing Spatial Applications with Google Maps and CARTO
CARTO
Recommended
게임엔진과 공간정보 3D 콘텐츠 융합 : Cesium for Unreal
게임엔진과 공간정보 3D 콘텐츠 융합 : Cesium for Unreal
Kyu-sung Choi
Digital Twin For The Railway Network
Digital Twin For The Railway Network
Dattaraj Rao
오픈소스GIS 개발 일반 강의자료
오픈소스GIS 개발 일반 강의자료
BJ Jang
Leveraging Graph Analytics for Fraud Detection in PaySim Data
Leveraging Graph Analytics for Fraud Detection in PaySim Data
Neo4j
CKAN overview
CKAN overview
Augusto Herrmann Batista
Carvana slides
Carvana slides
Jiabin Zhu
Nbs ID Card - Printer and Embosser
Nbs ID Card - Printer and Embosser
Digital Factors
Developing Spatial Applications with Google Maps and CARTO
Developing Spatial Applications with Google Maps and CARTO
CARTO
Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie?
Aurélie Pols
AI Roles and Risk for election year 2024
AI Roles and Risk for election year 2024
Aurélie Pols
Preparing for the AI Act - 5 years into GDPR enforcement
Preparing for the AI Act - 5 years into GDPR enforcement
Aurélie Pols
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Aurélie Pols
Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club
Aurélie Pols
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
Aurélie Pols
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
Aurélie Pols
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
Aurélie Pols
Privacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital Setup
Piwik PRO
Webit Global Congress - Leaders of the Future Summit - Privacy and Data Prote...
Webit Global Congress - Leaders of the Future Summit - Privacy and Data Prote...
Aurélie Pols
A Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer Privacy
Aurélie Pols
The Data Pitch call
The Data Pitch call
Elena Simperl
Customers in the cloud pulse final
Customers in the cloud pulse final
FLUZO
Data Accountability & Consumer Trust
Data Accountability & Consumer Trust
Aurélie Pols
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-deck
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-deck
e-SIDES.eu
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
Feroot
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Aurélie Pols
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
Saira Nayak, JD, CIPP/US/E
TrustArc Webinar-Advertising, Privacy, and Data Management Working Together
TrustArc Webinar-Advertising, Privacy, and Data Management Working Together
TrustArc
Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019
Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019
Burton Lee
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
Aurélie Pols
Interoperability in Digital will take a Global Village
Interoperability in Digital will take a Global Village
Aurélie Pols
More Related Content
Similar to For Superweek 2022: discussing risk using IAB's TCF
Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie?
Aurélie Pols
AI Roles and Risk for election year 2024
AI Roles and Risk for election year 2024
Aurélie Pols
Preparing for the AI Act - 5 years into GDPR enforcement
Preparing for the AI Act - 5 years into GDPR enforcement
Aurélie Pols
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Aurélie Pols
Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club
Aurélie Pols
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
Aurélie Pols
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
Aurélie Pols
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
Aurélie Pols
Privacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital Setup
Piwik PRO
Webit Global Congress - Leaders of the Future Summit - Privacy and Data Prote...
Webit Global Congress - Leaders of the Future Summit - Privacy and Data Prote...
Aurélie Pols
A Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer Privacy
Aurélie Pols
The Data Pitch call
The Data Pitch call
Elena Simperl
Customers in the cloud pulse final
Customers in the cloud pulse final
FLUZO
Data Accountability & Consumer Trust
Data Accountability & Consumer Trust
Aurélie Pols
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-deck
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-deck
e-SIDES.eu
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
Feroot
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Aurélie Pols
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
Saira Nayak, JD, CIPP/US/E
TrustArc Webinar-Advertising, Privacy, and Data Management Working Together
TrustArc Webinar-Advertising, Privacy, and Data Management Working Together
TrustArc
Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019
Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019
Burton Lee
Similar to For Superweek 2022: discussing risk using IAB's TCF
(20)
Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie?
AI Roles and Risk for election year 2024
AI Roles and Risk for election year 2024
Preparing for the AI Act - 5 years into GDPR enforcement
Preparing for the AI Act - 5 years into GDPR enforcement
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
Privacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital Setup
Webit Global Congress - Leaders of the Future Summit - Privacy and Data Prote...
Webit Global Congress - Leaders of the Future Summit - Privacy and Data Prote...
A Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer Privacy
The Data Pitch call
The Data Pitch call
Customers in the cloud pulse final
Customers in the cloud pulse final
Data Accountability & Consumer Trust
Data Accountability & Consumer Trust
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-deck
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-deck
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
TrustArc Webinar-Advertising, Privacy, and Data Management Working Together
TrustArc Webinar-Advertising, Privacy, and Data Management Working Together
Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019
Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019
More from Aurélie Pols
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
Aurélie Pols
Interoperability in Digital will take a Global Village
Interoperability in Digital will take a Global Village
Aurélie Pols
The GDPR is here. So do you know what the courts are saying?
The GDPR is here. So do you know what the courts are saying?
Aurélie Pols
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
Aurélie Pols
GDPR and the aftermath: what are we building towards?
GDPR and the aftermath: what are we building towards?
Aurélie Pols
Who Goes There? Demystifying Digital Identity for All (1/2)
Who Goes There? Demystifying Digital Identity for All (1/2)
Aurélie Pols
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Aurélie Pols
How digitization challenges our values as citizens
How digitization challenges our values as citizens
Aurélie Pols
Technical Consequences of the Data Subject's Rights
Technical Consequences of the Data Subject's Rights
Aurélie Pols
From GDPR to ePrivacy: what does it mean to the advertising sector?
From GDPR to ePrivacy: what does it mean to the advertising sector?
Aurélie Pols
State of EU legislation: GDPR & ePrivacy for Superweek
State of EU legislation: GDPR & ePrivacy for Superweek
Aurélie Pols
The Great GDPR MyData Debate - Aurelie Pols - Keynote
The Great GDPR MyData Debate - Aurelie Pols - Keynote
Aurélie Pols
The Data Subject First? Decoding the GDPR at StrataData
The Data Subject First? Decoding the GDPR at StrataData
Aurélie Pols
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data Science
Aurélie Pols
Sibos INNOTRIBE Digital Ethics
Sibos INNOTRIBE Digital Ethics
Aurélie Pols
Superweek 2016 Would You Lie to Your Physician?
Superweek 2016 Would You Lie to Your Physician?
Aurélie Pols
Multi-tasking teams within cyber security departments
Multi-tasking teams within cyber security departments
Aurélie Pols
BIG DATA IN BUSINESS Implement and use Big Data to your organization’s advantage
BIG DATA IN BUSINESS Implement and use Big Data to your organization’s advantage
Aurélie Pols
Get data without the creepiness factor, the privacy by design concept
Get data without the creepiness factor, the privacy by design concept
Aurélie Pols
Big Data Big Ideas: Data is the New Oil, Privacy is the New Green
Big Data Big Ideas: Data is the New Oil, Privacy is the New Green
Aurélie Pols
More from Aurélie Pols
(20)
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
Interoperability in Digital will take a Global Village
Interoperability in Digital will take a Global Village
The GDPR is here. So do you know what the courts are saying?
The GDPR is here. So do you know what the courts are saying?
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
GDPR and the aftermath: what are we building towards?
GDPR and the aftermath: what are we building towards?
Who Goes There? Demystifying Digital Identity for All (1/2)
Who Goes There? Demystifying Digital Identity for All (1/2)
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
How digitization challenges our values as citizens
How digitization challenges our values as citizens
Technical Consequences of the Data Subject's Rights
Technical Consequences of the Data Subject's Rights
From GDPR to ePrivacy: what does it mean to the advertising sector?
From GDPR to ePrivacy: what does it mean to the advertising sector?
State of EU legislation: GDPR & ePrivacy for Superweek
State of EU legislation: GDPR & ePrivacy for Superweek
The Great GDPR MyData Debate - Aurelie Pols - Keynote
The Great GDPR MyData Debate - Aurelie Pols - Keynote
The Data Subject First? Decoding the GDPR at StrataData
The Data Subject First? Decoding the GDPR at StrataData
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data Science
Sibos INNOTRIBE Digital Ethics
Sibos INNOTRIBE Digital Ethics
Superweek 2016 Would You Lie to Your Physician?
Superweek 2016 Would You Lie to Your Physician?
Multi-tasking teams within cyber security departments
Multi-tasking teams within cyber security departments
BIG DATA IN BUSINESS Implement and use Big Data to your organization’s advantage
BIG DATA IN BUSINESS Implement and use Big Data to your organization’s advantage
Get data without the creepiness factor, the privacy by design concept
Get data without the creepiness factor, the privacy by design concept
Big Data Big Ideas: Data is the New Oil, Privacy is the New Green
Big Data Big Ideas: Data is the New Oil, Privacy is the New Green
Recently uploaded
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Delhi Call girls
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
amitlee9823
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
amitlee9823
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
michael115558
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Rachmat Ramadhan H
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Delhi Call girls
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
Delhi Call girls
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
shivangimorya083
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
manisha194592
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
9953056974 Low Rate Call Girls In Saket, Delhi NCR
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
olyaivanovalion
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
Timothy Spann
Determinants of health, dimensions of health, positive health and spectrum of...
Determinants of health, dimensions of health, positive health and spectrum of...
shambhavirathore45
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Delhi Call girls
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interaction
fulawalesam
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
olyaivanovalion
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptx
olyaivanovalion
Recently uploaded
(20)
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
Determinants of health, dimensions of health, positive health and spectrum of...
Determinants of health, dimensions of health, positive health and spectrum of...
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interaction
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptx
For Superweek 2022: discussing risk using IAB's TCF
1.
IAB'S TCF, FROM
STANDARD (?) TO UNLAWFUL PROCESSING: WHO ENDS UP WITH NON-COMPLIANCE RISKS? Founder, Aurélie Pols & Associates February 1st 2022 aurelie.pols@protonmail.com 1
2.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Data Governance & Privacy Engineer Data is the New infrastructure – Privacy is the New Green – Trust is the New Currency Dutch nationality, French mother tongue, works in English, lives in Spain AURELIE POLS, DATA GOVERNANCE & PRIVACY ENGINEER • DPO for mParticle (Customer Data platform) – contractor (USA, New York) • Founder – Aurélie Pols & Associates • Expert Advisory Board (EAB) member - Panelfit (EU H2020 No 788039) • Group expert member for the Observatory on the Online Platform Economy (E03607) – EU Commission •Guest professor DPO certification courses Maastricht University, faculty of law (NL) & Solvay Business School Brussels (B) • Board Member European Center On Privacy and Security, Maastricht University (NL) • Ethics Advisory Group (EAG) – European Data Protection Supervisor (EDPS) Towards a digital ethics • Former Vice-chair P7002 – Data Privacy Process – IEEE • Speaker/writer/consiglieri: Mobile World Congress, SWSX, Strata (+ Hadoop World), IAPP, Piwik, AT Internet, industry associations, AdTech & MarTech vendors, … 2003: OX2 Co-founder Webanalytics.be 2008: Sold to Digitas LBi (Publicis) 2
3.
What I do
for a living In case you’re wondering ;-) 3
4.
Interlocking liabilities &
obligations People Company (Telco, Bank, Insurance..) Company (Agency, consultancy, vendor, ...) Cloud provider • Aligning contract obligations • (+ enforcement?) • Providing • Security • Privacy features • Privacy engineering B2C B2B B2B Privacy policies Consent MSA SOW T&C 4
5.
IAB’s TCF on
RTB A little bit of history 5
6.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – There’s this guy in Ireland who talks of RTB 6 Video here: https://vimeo.com/670735163
7.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – He has been tackling this subject First as a publisher, then working for a browser and now at an NGO 7 Link https://iabeurope.eu/transparency-consent-framework/
8.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – The problem? 8 https://www.dataprotectionauthority.be/citizen/belgian-dpa-sends-its-draft-decision-in-the-iab-europe-case-to-european-counterparts
9.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – The “privacy freedom fighter” angle 9 Link https://www.iccl.ie/digital- data/apd-iab-findings/
10.
10
11.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Independent audit? 11 Link https://iabeurope. eu/blog/iab- europe-launches- new-tcf-vendor- compliance- programme/
12.
12
13.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – IAB side 13 Link https://iabeurop e.eu/blog/vendo r-compliance-in- the-tcf-what-it- is-and-what-it- isnt/
14.
Taking a step
back From the playground 14
15.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – It started with denial 1. Advertising IDs are not PII, right? 2. Let’s ignore the concept of purpose limitation 3. The only lawful basis that exist is consent Ø US notion of notice & choice 4. Keeping the data for ever is not an issue 5. Fairness is an impossible concept to respect Ø Let’s ignore the also US notion of discrimination (eg. FCRA) 6. Sprinkle on top some security if really, really needed 15
16.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Yet the law is closing in 2 main reasons according to Johnny Ryan, for those who understand how RTB works: 1. The biggest data breach in history 2. Enfrindging the purpose limitation principle ← NEW!!! 16
17.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – More specifically 17 Is there a week without any notice of Google enfringement?
18.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Translating this into GDPR lingo Back to basics: 1. Personal data is broader than PII, personally identifiable information 2. For data to be lawfully processed, a legal basis is required 1. This works per purpose ie data flow 2. Someone should tell Apple it’s not device only (ATT) 3. Data subjects have Rights 4. International data transfers are subject to conditions 18
19.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Words matter so much 19 Personal data - GDPR Personal information - CCPA Personally Indentifiable Information – ??? Sensitive Data – US COPPA, HIPAA, Infosec teams Special categories of Data – GDPR Financial data
20.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Problems of legality with RTB The initial issues with RTB are: An international broadcast of personal data to a variety of legal entities 1. If the auction is lost, 1. Are these legal entities deleting personal data? 2. Are these legal entities using those IDs for something else? (purpose limitation) 2. If the auction is won, 1. the personal data is passed onto other entities to fulfil the processing operations of 1. Delivering the ad to the chosen profile on the chosen medium (Ad network + publisher) 2. Delivering the reporting around the advertising operation 20
21.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Looking at it from the data subjects’ side 2 main questions arise from the data suject side: 1. Notice: how is the user notified of all the legal entities that receive her personal data? And for which purpose? 2. Rights: if the user wanted to exercise her rights to access, deletion, rectification, objection, portability and non-profiling, how would that work? Both obligations lie with the data controller ie the publisher 21
22.
Who is responsible? Where
does the risk lie? 22
23.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – This happened last week Munich State Court finds use of Google Fonts in violation of GDPR and grants compensation of 100€ Legitimate interest didn't apply. The website operator could have integrated the fonts directly into their website, thereby avoiding sending IP addresses to Google. Small sum and yet, this is about actual compensation! "The defendant is ordered to pay the plaintiff € 100.00 plus interest thereon in the amount of 5 percentage points above the base rate since 28.01.2021." https://rewis.io/urteile/urteil/lhm-20-01-2022-3-o-1749320/ 23
24.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Another example Spotify to support portability 24
25.
Privacy fighting for engineering
resources But who asks for what? Where does the risk lie? Education is essential 25
26.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Who gains? 26
27.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – The worst job today? 27 Link https://iabeurope.eu/blog/wa nt-to-join-the-iab-europe- team-new-position-available- privacy-counsel/
28.
aurelie.pols@protonmail.com © prepared
by Aurélie Pols for Aurelie Pols & Associates – Conclusion • Is RTB legal? Probably not • Who takes on the risk? • Not the IAB • Not the vendors • The publishers maybe? • Who wants to punish the publishers? • …. • Question everything! • As Chris said, there are different angles. Always! Find the (risk) balance 28
29.
Thank you for
listening Aurelie.pols@protonmail.com 29
Download now