The TCF (Transparency and Consent Framework) String is a standardized format for communicating user consent choices and publisher transparency information in the digital advertising ecosystem. It is used by companies that participate in the TCF, which is a set of technical and policy standards for managing user consent and transparency in digital advertising.
The TCF String is a machine-readable string that encodes the user's consent choices for data processing purposes, as well as information about the publisher's data processing activities and the legal basis for processing. It includes information such as the user's consent status, the purposes for which the data is being processed, the types of data being processed, and the legal basis for processing.
The TCF String is designed to be easily communicated between different systems in the digital advertising ecosystem, allowing for more efficient and transparent management of user consent and data processing. Advertisers and other companies can use the TCF String to ensure that they are only processing user data in accordance with the user's consent preferences and applicable regulations.
The TCF String is a long, encoded string of characters that contains all the information about a user's consent choices and publisher transparency information. It is designed to be machine-readable, so it is not meant to be read or understood by humans.
Here's an example of what a TCF String might look like:
The format of TCF string for EU and Canada are the same.
TCF (Transparency and Consent Framework) is a standardized approach developed by the Interactive Advertising Bureau (IAB) to provide transparency and user choice for online advertising in compliance with data protection laws such as the General Data Protection Regulation (GDPR) in the European Union (EU) and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada.
The TCF for the EU requires that users must give their explicit consent to the processing of their personal data for online advertising purposes, whereas the TCF for Canada allows for implied consent in some circumstances.
In the EU, GDPR violations can result in fines of up to 4% of a company's global annual revenue or €20 million, whichever is higher. In Canada, PIPEDA violations can result in fines of up to CAD $100,000.