The Transparency Consent Framework is a collaboration of parties to optimize the monetization of websites, with digital advertising, under the GDPR by standardizing consent technology. The TCF will register CMP’s, or Consent Management Platforms like Complianz to service publishers with standardized technology and global consent.
As defined by IAB Europe
i. The Transparency and Consent Framework consists of a set of technical specifications and policies to which publishers, advertisers, technology providers, and others for whom the Framework is of interest may voluntarily choose to adhere.
ii. The goal of the Framework is to help players in the online ecosystem meet certain
requirements of the ePrivacy Directive (and by extension its successor, the upcoming ePrivacy Regulation), and General Data Protection Regulation by providing a way of informing users about inter alia the storing and/or accessing of information on their devices, the fact that their personal data is processed, the purposes for which their personal data is processed, the companies that are seeking to process their personal data for these purposes, providing users with a choice about the same, and signaling to third parties inter alia which information has been disclosed to users and what users’ choices are.
iii. Achieving the goals of the Framework requires standardization of technology, for example of how information is disclosed or how user choices are stored and signaled to participants. It also requires standardizing certain information provided to users, choices given to users, behaviors that participants engage in when interacting with users, or responding to requests between participants.
iv. The Framework is not intended nor has it been designed to facilitate the lawful processing of special categories of personal data, data relating to criminal convictions, or engaging in certain more strictly regulated processing activities, such as transferring personal data outside of the EU, or taking automated decisions, including profiling, that produce legal or similarly significant effects, for which the law requires meeting additional requirements such as obtaining explicit consent.
v. While participation in the Framework may be a useful, indeed essential building block for the online ecosystem’s compliance with EU privacy and data protection law it is not a substitute for individual participants taking responsibility for their obligations under the law.
vi. The Framework is intended to be updated over time as legislation is updated (e.g. with the upcoming ePrivacy Regulation replacing the ePrivacy Directive), and legal requirements, regulatory practice, business practices, business needs and other relevant factors change.
source: IAB Europe
