InteractiveAdvertisingBureau / GDPR-Transparency-and-Consent-Framework

Technical specifications for IAB Europe Transparency and Consent Framework that will help the digital advertising industry interpret and comply with EU rules on data protection and privacy - notably the General Data Protection Regulation (GDPR) that comes into effect on May 25, 2018.

add cookieRefresh transparency to GVL #260

Closed alextcone closed 3 years ago

alextcone commented 3 years ago

TCF v2 Policy 16(2bis) currently prohibits Vendors from refreshing the maximum storage duration without re-consent from the user. Re-consent may never happen (or at least not within a useful timeframe) since the Policy only requires users to be reminded of their choices every 13 months. The aim of this update is to remove this prohibition and instead introduce transparency via an additional field in the GVL for vendors to indicate whether refresh can happen.

This tech spec already requires Vendors to include the initial lifespan of the cookie without accounting for duration extensions where storage is refreshed, so this would not mean major changes for Vendor registration. The spec does, however, need to accommodate an additional Global Vendor List Field below the cookieMaxAgeSeconds field (in addition to granular disclosures in deviceStorage.json) so that Vendors can provide transparency on initial duration and, in addition, on whether such duration is susceptible to refresh.

dmdabbs commented 3 years ago

Howdy @alextcone I made the following changes while reviewing:

alextcone commented 3 years ago

This is ready to merge at the request of IAB Europe TCF MO via the Policies Working Group and Steering Group. Actual GVL updates are managed by IAB Europe (not IAB Tech Lab) and will be reflected in upcoming weekly updates to the GVL.