Enter your email address and we'll send you a link you can use to pick a new password.

If you no longer have access to the email inbox for your username, enter it here. If you have a recovery email on your account we'll send instructions to that email to change your username.

If you do not have a recovery email, contact [email protected]

arrow-downarrow-leftarrow-rightarrow-upbiocircleclosedownloadfacebookgplus instagram linkedinmailmenuphoneplaysearchsharespinnertwitteryoutube

An Analysis of GDPR Challenges to Behavioral Advertising

OpenRTB and GDPR

On September 12, 2018, complaints were submitted to regulatory authorities in the UK and Ireland, alleging that OpenRTB is a “mass data broadcast mechanism” that violates the GDPR. More broadly, the complaints state that the “ad tech” industry has not taken any meaningful effort to comply with the GDPR, including with respect to notice and choice or other technical controls, and that any reliance on a “legitimate interest” when engaging in real-time bidding is invalid. As a result, the complaints demand an EU-wide investigation into the industry and regulatory audits of participating organizations.

The below article provides strong counter-arguments to the complaints’ specious claims by explaining that:

  • The GDPR regulates an organization’s use of technologies, such as OpenRTB, and not the technologies in and of themselves
  • Among other technical measures, the digital advertising ecosystem has put in place several impression-level controls to address data protection;
  • IAB Europe’s Transparency and Consent Framework is consistent with GDPR requirements for notice, choice, and security against unlawful processing; and
  • “Legitimate Interests” can be an appropriate legal basis for processing activities related to real-time bidding.

Read the Short Form Article

Read the Full Article