Cookiebot and the IAB Consent Framework

Follow

Comments

12 comments

  • Avatar
    Ernesto Rodríguez Ageitos

    Hi. One of my ad agencies ask me to provide a 'consent string' as described on https://blog.smartadserver.com/gdpr/gdpr-understanding-iab-europes-transparency-consent-framework/

    Is there any way to get such a string from Cookiebot?

    TIA,

    0
    Comment actions Permalink
  • Avatar
    Ernesto Rodríguez Ageitos

    I answer to myself: there is a forum post that address the issue I was asking for: https://support.cookiebot.com/hc/en-us/community/posts/360025082294-IAB-framework-consent-string-and-CookieBot

    0
    Comment actions Permalink
  • Avatar
    Scott Kublin

    I really wish you would take the time to update your documentation. Even though you recently updated this page to address IAB version 2.0, your information about Google Tag Implementation is still outdated. (You now have 3rd party Cookiebot tags available in GTM, that when used, only require a checkbox next to IAB to be checked in order to implement the IAB functionality.)

    1
    Comment actions Permalink
  • Avatar
    Ulrich Babiak

    Unfortunately, Brians article at https://support.cookiebot.com/hc/en-us/articles/360015693200-Your-Cookiebot-banner-when-using-the-IAB-TCF-v2-0-integration is closed for comments, so I add them here:

    Now that Cookiebot is strictly enforcing the new banner template when IAB is enabled on a site, we expect to see a dramatic drop of cookie acceptance due to the now exposed "necessary only" button.

    There are Publishers out there running CMPs with a much more "relaxed" template, especially without a "necessary cookies only" .   This is our competition, and not having that button is a huge advantage the have over us.

    I think that the Publisher should be in charage of what is displayed ... without IAB, we can (and do) use custom templates that might be seen controversial - but we do so at our own risk. The same  should be possible if IAB is enabled ...

     

     

     

    1
    Comment actions Permalink
  • Avatar
    Jacob Buch

    Ulrich, IAB is holding all TCF2 CMP's including Cookiebot responsible for compliance with TCF2 policies, not the individual publisher, which would seem more logical, as it is the publisher's property we are serving. If just a single site does not comply, IAB will block TCF2 for all sites across independent publishers using the same CMP. This is why we as a CMP have no choice to allow publishers to implement their own configuration.

    That said, we are currently discussing with IAB whether removing the opt-out-button would comply with the TFC policy, if the consent banner at the same time provides non-preticked checkboxes along with the "Allow Selection" button, which is in fact a full opt-out and also increases general opt-in rates by about 20% in avarage.

    As IAB is currently changing other parts of their policy, we will post an update soon when we have adapted those changes. In the meantime, IAB's recommendation is to report non-compliant competitors to framework@iabeurope.eu.

    0
    Comment actions Permalink
  • Avatar
    Martin Omander

    The article says:

    "Please also make an attestation of compliance in a prominent location on your website, such as in a privacy policy".

    When I follow the link from the article to the IAB TCF website, I find section 19.2 which says this about the notice in the privacy policy:

    "This language must at a minimum include: [...] the IAB Europe assigned ID of the CMP that the publisher uses."

    What is CookieBot's ID as assigned by IAB Europe?

     

     

     

     

    1
    Comment actions Permalink
  • Avatar
    Martin Omander

    After a lot of searching, I finally found what I believe is CookieBot's ID as assigned by IAB Europe: 134 (source). Please correct me if I'm wrong.

    Following IAB Europe's rules, we as publishers should include text like this in our privacy policies (replace XYZ with the name of your organization):

    XYZ participates in the IAB Europe Transparency & Consent Framework and complies with its specifications and policies. XYZ uses the Consent Management Platform with the identification number 134.

     

    0
    Comment actions Permalink
  • Avatar
    Jacob Buch

    Martin, Cookiebot IAB TCF CMP id is 134. We have updated the article to make this clear, thank you.

    0
    Comment actions Permalink
  • Avatar
    Elle Spark

    To support publishers, technology vendors and advertisers in meeting the transparency and user consent requirements of the GDPR and ePrivacy Directive, IAB Europe (Interactive Advertising Bureau) has created the GDPR Transparency and Consent Framework (TCF v2.0).

    As the framework is widely supported by the online advertising industry, Cookiebot is registered and certified with IAB as a consent management provider (CMP id 134) and has adopted the framework as an optional supplement to the core consent framework already included in the Cookiebot solution. The integration also covers Google's "Additional Consent Mode" (Google AC) as a bridge for vendors who are not yet registered on the IAB Europe Global Vendor List (GVL).

    I think the IAB Transparency and Consent Framework is a standardized means for online advertisers and marketers of communicating the state of user consent between first parties, third parties and the consent management system in use on the first party's website.

    0
    Comment actions Permalink
  • Avatar
    Asad0096

    What is the IAB Framework, and how does it meet the requirements of the GDPR? What should you do when it comes to consent management and cookie?

    0
    Comment actions Permalink
  • Avatar
    Ulrich Babiak

    What if we only want to configure a specific vendor whitelist and use default for the rest of the settings? Can we supoly the AllowedVendors key only, or do we have to add all keys/attributes?

    Example: Will this work with our whitelist, and defaults for the other settings?

    <script id="CookiebotConfiguration" type="application/json" data-cookieconsent="ignore">{"Frameworks": {"IABTCF2": {"AllowedVendors": OUR-WHITELIST-HERE }}}</script>

    Regards

    Ulrich

    1
    Comment actions Permalink
  • Avatar
    Jacob Buch

    Ulrich, you only need to define the keys that should differ from the defaults, so your whitelist example is correct.

    1
    Comment actions Permalink

Please sign in to leave a comment.