Regulators have been forced to push back against some industry giants

illustration of binary code data footprint being erased with squeegeeonline ad auctions leak web users’ sensitive data.

“We looked at the governance controls and technical components [of RTB protocols], and we thought the controls were just not robust enough,” he told attendees.

Shah further explained that in the coming months the ICO will start to make some judgment calls as to who is—and isn’t—serious about data privacy.

“You know, if this was a beach and [ad tech was] just sitting there chilling, I’d tell them that the tide is about to come in,” he added.

Meanwhile, IAB Europe has attempted to mediate the industry’s various competing interests with the drafting and publication of the Transparency Consent Framework, an initiative that got off to a stuttering start as Google failed to get on board upon initial publication.

However, even as these initial rifts have been healed and the industry conducts pilots to establish a more agreeable way to conduct data flows in the guise of TCF 2.0, some in the sector are questioning the fundamentals of how the industry operates.

Mathieu Roche, CEO of ID5, said a lot of ad-tech vendors currently rely on legitimate interest as their means of GDPR compliance. But that is very soft ground, he said, adding that “the days of all-you-can-eat data” will soon be numbered.

“I think there’s a new way of thinking, which involves redefining the way we access data. A lot of people will have to work out how they can offer access to data without necessarily offering access to identity,” explained Roche.

 » Read More