Google certified CMP

[liayn]

https://blog.google/products/admanager/new-cmp-requirement/

TL;DR: Google requires certified consent management for everyone using one of their Ad products. All consent solutions need to apply for review. (Link for this is in their blog post too)

Does Klaro consider applying for this?

[integrationEven]

Hi,

Any news regarding certifcation?

[bjoerns1983]

Would also like to know if there is any chance getting the self hosted Klaro CMP TCF-2.2 certified

[adewes]

Hey everyone, thanks for bringing this up. Not sure if this will be viable for Klaro, Google and TCF-2.2 are very privacy-hostile. I had exchanges with IAB Europe but they were not very productive and back then they would not even allow an open-source CMP to go through their certification as it is targeted towards commercial providers and did not accommodate solutions that can be self-hosted (as they integration requires a CMP vendor ID). Getting certified also requires an IAB membership that costs 1600 € / year. So I don't think this will be possible.

[adewes]

Here's the original conversation with IAB in case anyone's interested: https://github.com/InteractiveAdvertisingBureau/GDPR-Transparency-and-Consent-Framework/issues/263

Basically an open-source CMP cannot be certified by IAB as its source code can be modified and such modification could render the CMP incompliant. They simply do not want open-source CMP providers to exist.

[bjoerns1983]

Thanks for the clarification. That means infact that no small private website will be able to use Googles Ads as founding if they do not pay a CMP provider, and they start from somewhere from 20-50€ per month, which must be earnd first.

[bjoerns1983]

On the other hand, what does it mean for heyklaro.com?

[adewes]

I think that's a correct interpretation. As my personal opinion, the whole TCF scheme is devised to deflect compliance risk away from ad providers to CMP providers and publishers. I find the IABs approach to be fundamentally incompatible with the GDPR and privacy in general, as users are confronted with vendor lists containing thousands of third parties and cannot possibly understand how their data will be processed by these vendors. Hence an informed consent choice is simply not possible.

What it means for klaro.org is that we will simply not be the right consent platform for ad-supported websites. The way personal data is currently shared and processed in online advertisement is (in my opinion) fundamentally at odds with privacy, this cannot be fixed by any type of consent management. Luckily there are many use cases where website publishers do not rely on privacy-intrusive advertisements to fund their websites, Klaro is still a viable option for them.

[bjoerns1983]

Yeah i think we will also have to find another way of funding our community project, maybe via donations or via sponsoring. Ads were convenient, so most of the time info leechers (aka guests) "paid" for the plattform instead of the content creators in the forum, which donate their time and work in such a project. I think that could shift with another funding concept, but doing ads without google does not seem to really make sense, too much hassle for what you get paid.

Nevertheless, thank you for creating klaro.

[liayn]

Thanks for the information and update.

[celius]

Hi. I'm wondering if my understanding of this is correct:

• If I run a website and use Google Ads to get user to visit this site, there's no issue with running Klaro?
• If I run a website showing Ads from Google Adsense (or the likes), then I've got issues using Klaro?

I've found no good information to separate these two, but from what I've found this is mainly affecting "publishers" (showing Ads) and not the business seeking to reach out to potential clients through Google Ads campaigns?

[liayn]

Hi. I'm wondering if my understanding of this is correct:

* If I run a website and use Google Ads to get user to visit this site, there's no issue with running Klaro?

* If I run a website showing Ads from Google Adsense (or the likes), then I've got issues using Klaro?

I've found no good information to separate these two, but from what I've found this is mainly affecting "publishers" (showing Ads) and not the business seeking to reach out to potential clients through Google Ads campaigns?

Correct: It only matters for those who show the ads on their website and hence need to seek consent. (Publishers in the terms of Google)

[celius]

Thanks!

Correct: It only matters for those who show the ads on their website and hence need to seek consent. (Publishers in the terms of Google)

[kocjs]

As fare as i understand this applies for EEA and UK only. Good to know for all klaro users that operate outside of that area. It is apparently possible to disable targeted adds in those areas.