In this LevelUp episode, Jess Overton sits down with Božo Janković, Head of Ad Monetization at GameBiz Consulting. Together, they dive into the new TCF 2.2 requirements, how to comply with them, what you need to know about Consent Management Platforms, and how to choose the right one for your app.
Tune in here or read the highlights below:
TCF 101
So TCF or the Transparency and Consent Framework is a standard or framework by the International Advertising Bureau or IAB. This is pretty much an organization or an agency that's trying to create some standards in the digital advertising industry and trying to consolidate them.
And so TCF is one of the standards that they created which is supposed to regulate how developers, and in general companies, are collecting personal data from the users for the purposes of advertising.
TCF has been around for a while, at least since GDPR was introduced. And I think that was the motivation for introducing the standard.
Now, the latest version is TCF 2.2. Initially, it was supposed to be implemented by 30th September 2023. However, the deadline has been pushed back a little bit. So now we're looking at 20th November 2023, as the deadline for introducing the standard across the industry.
What's new in the latest TCF requirements
With TCF 2.2 they are trying to get rid of some of the things that maybe haven't been perfectly implemented. And, they were trying also to simplify things for the users and make the framework even more transparent and everything around data collection and data processing.
So for example, with TCF 2. 2, publishers will now have to disclose, on the first UI layer, how many partners they're working with. And so this is now considered an important piece of information for the users of apps and mobile games to have. Apart from they will now have to disclose all of the purposes for the collection and processing of user data.
The IAB has now said everything around advertising and personalized ads cannot be declared as a legitimate interest, and it actually has to be on a consent basis. So, users have to consent in order for their personal data to be collected and then processed for personalized advertising. I think those two are the two biggest changes.
What you can expect if you comply
First of all, you're complying with Google's requirements, which is good. So you're not losing any Google traffic and your ECPMs and ad revenue should be stable. Now, apart from that, you might even get the benefit of getting some additional competition for your inventory because, even now, maybe some smaller players, some of the DSPs, and some of the advertisers are actually asking for a TCF 2.2 stream.
And so implementing this standard we can potentially expect even see an increase in fill rates for publishers who have issues with that. I've seen some case studies where publishers who have already implemented the TCF, claim that they have seen increases in eCPM.
What is a CMP
CMP is a consent management platform. It's pretty much a tool provided by different companies in the market that enables you to actually generate this TCF 2. 2 string that you're supposed to pass on to an advertising network, in this case, Google, but potentially in the future to other networks as well. A CMP actually helps you with all of the logistics.
It's about creating that consent string, but also obtaining the consent itself from users. So, for example, what does the user experience look like once they install the app? One of the first things they're going to see there is going to be a message about data collection and processing and partners that are going to get that data and all the purposes and so on.
And users have a choice to consent. All of that is pretty much provided by a CMP who then based on the answers of the user generates the string that can be passed on to the network. The CMPs are tools that require developers to implement an SDK similar to those from ad networks for their technology to work in your mobile app.
CMP essentials
I'm going to try to summarize it. When it comes to CMPs, there are different aspects to be taken into account. I realized during my research, that there are maybe up to 20 different criteria to take into account. But just a few are:
What features do they have? Can you do A/B ad testing with them? What kind of visual changes can you make? Do they have an API available? Do you know what kind of customer support they provide? Is it? Is it more like a managed service or is it more an out-of-the-box kind of thing?
Plus, what was interesting for me was whether they're only supporting GDPR, and TCF consequently, as a mechanism, or they're also supporting other regulations because, looking ahead a little bit, this may not be the only requirement that Google imposes on us.
Although right now they're asking for TCF 2.2, further down the line, they might ask us to implement CCPA for California users or other regulations. And so I think it would be very tiresome just to implement another CMP one year from now.
