Introducing IAB Spain's TCPF - Q&A with Mikel Lekaroz

Mikel Lekaroz, founder and CEO of Adbibo by Next14 and a member of IAB Spain's Innotec, talks to ExchangeWire about the initiative's Transparency, Consent, and Privacy Framework (TCPF), explaining how it works and what it aims to bring to the digital advertising ecosystem.


What is the purpose of the TCPF?

TCPF is conceived as an ID solution for the non-authenticated traffic, something that most solutions proposed since the phasing out of third-party cookies, do not handle.


How does it work?

The flow starts on the CMP where the user grants consent for the generation of a pseudo-anonymous universal Identifier. The user is then redirected to a central independent domain where the random ID is generated in the form of a first-party cookie and then is taken back to the local domain where the ID is synchronised with. A data controller for the central domain needs to be appointed.


How will the solution be governed, and what respective roles will publishers, tech vendors, and advertisers play under it?

Mikel Lekaroz

At the moment the Board of Directors of IAB Spain has approved its development and we are currently discussing with other industry associations to confirm their participation in the project. In order to speed up the project, it seems most logical that a limited company will be incorporated as soon as possible, by as many industry associations as possible. We are still in discussions on the governance model, which will probably include specific boards for legal, technical and business issues. The limited company will have no interest in making a profit and should eventually evolve into a foundation.


Whilst it’s clear that user privacy is at the core of the TCPF, do you think web visitors could remain unconvinced? If so, what else does the industry need to do to reassure them that their data will be safe?

The project will need a simple user experience in which the information on the purpose and the flow are thoroughly explained to the user. We believe that, considering the vast adoption of the TCF amongst publishers, the solution will leverage on that and should gain the industry’s trust. Moreover, adoption amongst brands and marketers will be fundamental to enhance this trust.


Aside from privacy, what other industry shortcomings does TCPF seek to address?

With the generation of a GDPR compliant random pseudo-anonymous ID, we will be in a position to offer the online advertising industry the possibility to continue operating as usual. TCPF’s ID will be shared in the bid stream using extended Identifiers (eIDs) and therefore all the actors in the ecosystem will be able to perform, targeting, retargeting, customer journey, etc.


What are Innotec’s near-term and long-term aspirations for TCPF?

The central independent domain in which the ID is generated and whose data controller still needs to be appointed, will allow users to manage the specific information on which platforms have been granted with the ID, where this ID was granted and for how long.

Eventually, the central domain could become a Zero Party Data in which the user could fully manage his/her preferences on categories, brands, interests or purchasing intentions, whitelisting or blacklisting any of them. These features fulfil one of GDPR's most important goals of empowering users to manage their privacy.