Interactive Advertising Bureau

Transparency & Consent Framework

IAB Europe is the European-level association for the digital marketing and advertising ecosystem. Through its membership of national IABs and media, technology and marketing companies, its mission is to lead political representation and promote industry collaboration to deliver frameworks, standards and industry programmes that enable business to thrive in the European market

The Transparency & Consent Framework (TCF) v2.2

The General Data Protection Regulation (GDPR), which came into force on 25 May 2018, changed the data privacy landscape in Europe. GDPR was designed to harmonise data privacy laws across Europe, giving individuals greater control and transparency over their personal data while raising the bar for businesses to achieve lawful processing of personal information.

In anticipation of the entry into force of the GDPR, IAB Europe launched in February 2017 a collaborative effort by organising dedicated working groups attended by more than 70 member companies and sectoral trade associations, supported by the IAB Europe staff, to deliver, maintain and iterate an industry standard, the TCF, in an attempt to meet the needs of users, industry and regulators.

On 25 April 2018, TCF v1.1 was launched after an extensive industry consultation with IAB Europe and IAB Tech Lab members, and the broader digital advertising industry.

On 21 August 2019, TCF v2.0 was launched following extensive industry consultation particularly with publishers and the industry associations who represent all aspects of the industry.

On 19 August 2020, TCF v2.1 was launched to bring the TCF in-line with Planet49 ruling issued by the Court of Justice of the European Union and standardise the disclosure of the duration of operation of cookies.

On 16 May 2023, TCF v2.2 was launched to respond to the changes and needs of the industry, and introduce a number of iterations that relates to the Action Plan submitted to and validated by the Belgian Data Protection Authority (APD) (more information here).

TCF participants have until 20 November 2023 to adopt TCF v2.2 and make the necessary changes to their respective implementations.

What is the Transparency & Consent Framework (TCF)?

The TCF is an accountability tool that relies on standardisation to facilitate compliance with certain provisions of the ePrivacy Directive and the GDPR. It applies principles and requirements derived from these two legislative instruments to the specific context of the online industry, taking account of relevant EU-level guidance from the EDPB and national level guidance from Data Protection Authorities.

The TCF is a voluntary standard intended for use by three categories of stakeholders (and all such stakeholders are welcome to use the TCF - irrespective of whether they are members of IAB Europe)

1) Publishers: owners or operators of online content or services where personal data is collected and used by third-party companies (vendors) for digital advertising, audience measurement, or content personalisation.

2)  Vendors: third-party companies that do not ordinarily have direct access to end-users of publishers. Vendors can be Ad servers, measurement providers, advertising agencies, DSPs, SSPs, and more.

3)  CMPs (Consent Management Platforms): software or solution providers that develop notices (e.g. cookie banners) to inform users and capture their preferences with respect to the processing of their personal data. 

TCF Key Components

The TCF is a combination of key resources: 

  • TCF Policies
  • TCF Terms & Conditions
  • TCF Implementation Guidelines
  • Transparency and Consent (TC) String with Global Vendor List Format
  • The Consent Management Platform API
  • Vendor Device Storage & Operational Disclosures
  • Additional Vendor Information List Specification
  • Global Vendor List (GVL) 
  • CMP list

Why Work with TCF?

The TCF is a cross-industry voluntary standard that is intended to enable publishers of websites and apps (first parties) and technology partners that support the delivery, personalisation or measurement of advertising and content (third parties or vendors) to work together and provide users with a standardised experience when they make privacy choices.

TCF enables users to grant or withhold consent and also exercise their ‘right to object’ to data being processed. It includes minimum practical requirements that stems from guidelines of Data Protection Authorities and jurisprudence for informing users, providing them with privacy choices, and for respecting such choices.

Additional information

Continue browsing this section to find information on 

  • TCF Standardisation Principles 
  • How to join the TCF as a CMP and/or as a Vendor
  • TCF for CMPs
  • TCF for Vendors 
  • TCF for Publishers
  • TCF for Advertisers & Agencies
  • TCF Compliance Programmes 
  • TCF Governance structure

Please also visit the TCF v2.2 Supporting Resources page to review the most relevant resources about TCF v2.2, including the latest:  

  • TCF Policies 
  • TCF Terms & Conditions
  • TCF Technical specifications
  • TCF Implementation Guidelines
  • TCF Data Processing Purposes Translations
  • Lists of TCF Vendors & TCF CMPs
  • Vendors & CMP Notifications 
  • Compliance documentation
  • FAQs, Webinars and Blogs
Sign up for our newsletter
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram