This website makes use of Google Analytics cookies.
For more information on how to block such cookies, please read our cookie policy.
By using this website, you agree to the use of cookies as explained in the cookie policy.

Blog

IAB Europe statement on the Opinion of Advocate General Szpunar in Case C-673/17 Planet49 GmbH

IAB Europe has taken note of the Advocate General’s opinion in Case C-673/17 Planet 49. As an organization that is actively helping the digital advertising industry in understanding and complying with EU privacy and data protection law, IAB Europe takes great interest in cases that clarify the obligations companies have under EU privacy and data protection rules.

While we are still reviewing the Advocate General’s opinion in its entirety, and keeping in mind that this is a non-binding opinion, its key aspects seem rather unsurprising. AG Szpunar confirms some requirements of EU privacy and data protection law that should be self-evident from an expert reading of the General Data Protection Regulation (GDPR) and ePrivacy Directive, and which IAB Europe has been advising its members of for several years.

The law unequivocally requires an affirmative action for a user to give consent, ruling out automatic consents, or consents “implied” from inaction. The law also unequivocally requires that users are informed of both the presence and the identity of any third parties who use cookies and/or process the personal data of users. There are many ambiguities in the law, this case was not about any of them.

IAB Europe’s expert understanding of the law — which appears to be shared by the Advocate General — has made us realize early on that GDPR compliance by the digital advertising industry cannot easily be achieved without close cooperation by all involved. This has driven us to develop the Transparency & Consent Framework (Framework) in order to provide a practical standard solution for the industry.

Any publisher, advertiser or technology company who was surprised by the Advocate General’s opinion should take this as a subtle hint to up their data protection game, and consider adopting the Framework with a view to achieving greater GDPR and ePrivacy Directive compliance.

Our Latest Posts

Lines (1)