Home Privacy French Data Regulators Place Targeted Advertising In The Crosshairs

French Data Regulators Place Targeted Advertising In The Crosshairs

SHARE:

France’s data protection regulator is going public with its action plan – and targeted online advertising is to be a “priority topic.”

The Commission nationale de l’informatique et des libertés (CNIL) shared its 2019-2020 agenda in response to appeals from the public, privacy advocates and online marketing professionals looking for guidance on how to comply with the General Data Protection Regulation (GDPR).

Even more than a year out from the GDPR’s enforcement date, compliance remains a moving target.

The ePrivacy Regulation, which will eventually introduce new rules on the use of cookies, is still being debated by EU legislators. But when it’s ready, parts of the ePrivacy regs will take precedence over certain provisions in the GDPR, and that’s leaving the ad industry on shaky ground. For now, all they’ve got to go by are outdated guidelines based on the now-obsolete ePrivacy Directive.

AdExchanger previously reported on the CNIL’s plan to give publishers roughly a year to keep using outmoded scroll-based cookie notices while the agency works to update its cookie guidelines to match the spirit of GDPR, rather than waiting for the ePrivacy Regulation to replace the Directive (whenever the heck that’ll be).

The CNIL will meet with advertisers, ad tech intermediaries and publishers to brainstorm the details over the coming months, and looks to publish its recommendations for public comment by the end of the year or early 2020 at the latest.

The reprieve is an acknowledgement that companies need clearer instructions on how to comply.

But despite taking mercy on pubs and the ad tech companies who love to pixel them, the CNIL said it will continue to investigate complaints during the grace period and, if called for, conduct inspections to make sure that cookies aren’t being dropped before consent is collected. Companies will also be expected to comply with any obligations under GDPR that aren’t in flux, including those related to data security and giving consumers the ability to easily withdraw consent.

The CNIL’s intentions are in line with its counterpart in the United Kingdom, the Information Commissioner’s Office (ICO), which will start investigating the implications of RTB in July.

To date, at least seven complaints contending that RTB is illegal under GDPR have been brought in jurisdictions across Europe, including in the United Kingdom.

In mid June, the ICO issued a disparaging report on the practice of real-time bidding, noting that the “ad tech industry appears immature in its understanding of data protection requirements.”

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

It added that the IAB Europe’s Transparency and Consent Framework is “insufficient” under GDPR. But, like the CNIL, the ICO isn’t going to war with ad tech right now.

The ICO is planning to schedule meetings of its own with key stakeholders to gather more information and it might undertake an industry review in six months, depending on what it finds.

Even so, the ad tech industry would do well not to turn a blind eye to these rumblings. It’s not paranoia if they’re really out to get you.

“We expect data controllers in the ad tech industry to reevaluate their approach to privacy notices, use of personal data and the lawful bases they apply within the RTB ecosystem,” the ICO warned.

The CNIL did not respond in time for publication.

Must Read

CleanTap Says It Easily Fooled Programmatic Tech With Spoofed CTV Devices

CleanTap claims that 100% of the invalid traffic it spoofed was accepted into live auctions run by programmatic platforms and was successfully bid on by advertisers.

HUMAN Expands Its IVT Detection Tool Kit With A New Product For Advertisers, Not Platforms

HUMAN has recently started complementing its bid request analysis by analyzing the time between when a bot clicks an ad and when the landing page loads. Now it’s offering the solution to individual advertisers.

Index Exchange Launches A Data Marketplace For Sell-Side Curation

Through Index Exchange’s data vendor marketplace, curators gain access to third-party data sets without needing their own integrations.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Can Publishers Trust The Trade Desk’s New Wrapper?

TTD says OpenAds is not just a reaction to Prebid’s TID change, but a new model for fairer, more transparent ad auctions. So what does the DSP need to do to get publishers to adopt its new auction wrapper?

Scott Spencer’s New Startup Wants To Help Users Monetize Their Online Advertising Data

What happens when an ad tech developer partners with a cybersecurity expert to start a new company? You end up with a consumer product that is both a privacy software service and a programmatic advertising ID.

Former FTC commissioner Alvaro Bedoya speaks to AdExchanger Managing Editor Allison Schiff at Programmatic IO NY 2025.

Advertisers Probably Shouldn’t Target Teens At All, Cautions Former FTC Commissioner

Alvaro Bedoya shared his qualms with digital advertising’s more controversial targeting tactics and how kids use gen AI and social media.