OKO Digital

The ad optimisation people

  • Home
  • Publisher Solutions
    • Website Monetization
    • Header Bidding
    • AdX – Google Ad Exchange
    • App Ad Monetization
    • WordPress Monetization
  • About us
    • OKO & the OKO team
    • Careers
  • Blog
    • Latest blog posts
    • Ad Blocking
    • Ad Exchange (AdX)
    • Ad Optimisation
    • Ad Performance & Page Speed
    • Ad Publishing Landscape
    • AdSense
    • DoubleClick For Publishers (DFP)
    • Exchange Bidding
    • Google Ad Manager
    • Google Certified Publishing Partners
    • Header Bidding
    • Privacy & GDPR
    • Program Policy
    • Open Bidding
    • Traffic
  • Contact

Privacy and GDPR, Program Policy . 15th March 2019

Why are some publisher getting GDPR warnings from Google?

Considering the attention that Google gets over data privacy, it didn’t come as much of a surprise when they started warning publishers about compliance to their User Consent policy back in December. What is more surprising is why some publishers have had warning & others haven’t, even though they seem to be making the same mistakes.

Google’s EU User Consent Policy governs how any publisher with users in the European Economic Area need to deal with obtaining user permission for data storage and processing before certain Google services can be used on page. The policy doesn’t actually ask too much of publishers, but it isn’t the easiest to navigate. Any publishers not sure of how that policy applies to their website should take a look at our free guide to Google’s EU User consent policy.

What mistakes are being made by those receiving the warnings?

Warnings we have seen related to two issues, both of which are very common amongst publishers who have not received the warnings:

The domain does not request consent at all

The EU User Consent Policy requires that we inform users in the EEA about how their personal information is used and obtain their permission for this use. The first batch of warnings relate to sites where no such notice exists at all. Despite the publicity around consent notices, it is surprisingly common to still see them missing from ad serving websites.

The wording of the notice does not meet the policy

The EU User Consent policy has very specific requirements in terms of what we communicate to publishers. Where there is a CMP in place, but the wording does not meet those requirements this warning is being sent.  Perhaps surprisingly, most of the domains that we see getting this warning are using some of the most popular freely available CMPs such as Quantcast Choice and the Appnexus CMP.

Why are publishers who use a popular CMP getting warnings?

The most popular CMPs use the IAB Consent Framework, which is an agreed standard for participating adtech companies to handle consent. Google is not yet signed up to this standard (and is not expected to be until version 2.0 is released). That means that IAB only CMPSs do not include Google in their providers list. These CMPs can be “hacked” to make them compliant with the policy, but they are not compliant by default.

If the big CMPs are not compliant, why are more publishers not getting the warnings?

The mistakes we have seen flagged by Google are very common amongst publisher sites and it was initially difficult to understand why some site were receiving warnings whilst others were not. We now know that Google are prioritising domains that they have received user feedback/complaints about through the ‘report this ad’ mechanism.

If you have received a warning then you can be confident that your users have flagged the issue to Google.  If you have not, then it does not mean that you are compliant, just that it has not yet been bought to Google’s attention.  In this case we would recommend reading the guide and starting work on becoming compliant now whilst you have time to complete the work at your own pace.

What happens if publishers ignore the GDPR warnings?

Google are definitely taking enforcement action over EU User Consent Policy compliance. Preferred action would seem to be to block the domain from serving Google ads – a process that can take time to reverse.Euu Consent Guide Button

Privacy and GDPR, Program Policy . Publisher News, Tips

About Abbey Colville

SEARCH

TOPICS

  • Ad Blocking
  • Ad Exchange (AdX)
  • Ad Optimisation
  • Ad Performance & Page Speed
  • Ad Publishing Landscape
  • AdSense
  • DoubleClick For Publishers (DFP)
  • Exchange Bidding
  • Google Ad Manager
  • Google Certified Publishing Partners
  • Header Bidding
  • Open Bidding
  • Privacy & GDPR
  • Program Policy
  • Traffic

Could the ads on your site be earning more?

Find out how OKO help publishers earn more from their ads.

LEARN MORE
Insticator

OKO Digital, The Cake Shed, Manor Farm, Manor Road, Hayling Island, Hampshire, PO11 0QW

Google Certified Publisher Partner Logo

OKO is a registered trademark and trading style of OKO Digital Limited. Registered in England company number 03867231. © OKO Digital Limited 1996-2018. All Rights Reserved.

  • Privacy Policy
  • Cookie Policy
Manage Cookie Consent
We use cookies to optimise our website and our service.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}