The conclusion of a report by the Norwegian consumer association, Forbrukerrådet, minces no words: adtech is systematically in breach of GDPR rules. The report’s title is Out of Control.
The extent of tracking makes it impossible for us to make informed choices about how our personal data is collected, shared and used, Finn Myrstad, director of digital policy in the Norwegian Consumer Council is quoted. This is a key issue. The GDPR demands meaningful consent, not just the token consent that sites and apps still often try to get away with. Earlier a French ruling stated much the same about a boiler plate consent form advocated by IAB and that form has since disappeared, or at least I don’t encounter it anymore during my web surfing.
It reads as if the report is the basis for various GDPR complaints in multiple EU countries, so it will be interesting to see those progress through the system.
I’m very much in agreement with Doc Searls position that GDPR is lethal to AdTech.
I came across a nice illustration of the effect (ht Tomasino). Below is an image that shows you what happens when you visit USAToday on its GDPR compliant version and its non GDPR version. Paul Calvano who made the image says “The US site is 5.5MB and contains 835 requests loaded from 188 hosts. When loaded from France it’s 297KB, 36 requests and contains no 3rd party content.” The image shows what a striking difference that is: