In a decision of 2 February 2022, 28 EU data protection authorities, led by the Belgian Data Protection Authority as the leading supervisory authority in the GDPR’s one-stop-mechanism, found that the online advertising industry’s trade body “IAB Europe” commits multiple violations of the GDPR in its processing of personal data in the context of its “Transparency and Consent Framework” (TCF) and the Real-Time Bidding (RTB) system.
The consent popup system known as the “Transparency & Consent Framework” (TCF) is on 80% of the European internet. The tracking industry claimed it was a measure to comply with the GDPR. Today, GDPR enforcers ruled that this consent spam has, in fact, deprived hundreds of millions of Europeans of their fundamental rights.