IAB GDPR Cheat Sheet

Data Transparency and Compliance Program

The European Union’s General Data Protection Regulation (EU GDPR) establishes new requirements on companies that collect, use, and share data about EU citizens. As of May 25, 2018, all companies handling data of EU citizens must adhere to these new data privacy and security measures, regardless of whether the organization is located within the EU or not, or face severe penalties. Several key changes impacting the digital advertising industry include:

  • A broader definition of personal data that includes IP addresses and cookie identifiers
  • Higher standards for establishing valid consent: Under GDPR, consent must be “freely given, specific, informed, and unambiguous” and made by a statement or by a clear affirmative action. Companies are responsible for demonstrating that consent was given . . .


    You must be an IAB Member to continue reading.

    To receive IAB member benefits, you must be employed by one of our member companies and have a verified business email address associated with your account.



    If you have an IAB Portal account, please create a new account on iab.com and we will link to your records. If you're logged in and believe you are seeing this message in error, log out and try with another account or contact us about your company's membership status.

    Contact [email protected] with press inquiries.