Veale, M;
Zuiderveen Borgesius, F;
(2022)
Adtech and Real-Time Bidding under European Data Protection Law.
German Law Journal
, 23
(2)
pp. 226-256.
10.1017/glj.2022.18.
Preview |
Text
Veale_adtech-and-real-time-bidding-under-european-data-protection-law.pdf Download (647kB) | Preview |
Abstract
This article discusses the troubled relationship between contemporary advertising technology (adtech) systems, in particular systems of real-time bidding (RTB, also known as programmatic advertising) underpinning much behavioral targeting on the web and through mobile applications. This article analyzes the extent to which practices of RTB are compatible with the requirements regarding a legal basis for processing, transparency, and security in European data protection law. We first introduce the technologies at play through explaining and analyzing the systems deployed online today. Following that, we turn to the law. Rather than analyze RTB against every provision of the General Data Protection Regulation (GDPR), we consider RTB in the context of the GDPR’s requirement of a legal basis for processing and the GDPR’s transparency and security requirements. We show, first, that the GDPR requires prior consent of the internet user for RTB, as other legal bases are not appropriate. Second, we show that it is difficult—and perhaps impossible—for website publishers and RTB companies to meet the GDPR’s transparency requirements. Third, RTB incentivizes insecure data processing. We conclude that, in concept and in practice, RTB is structurally difficult to reconcile with European data protection law. Therefore, intervention by regulators is necessary.
Type: | Article |
---|---|
Title: | Adtech and Real-Time Bidding under European Data Protection Law |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.1017/glj.2022.18 |
Publisher version: | https://doi.org/10.1017/glj.2022.18 |
Language: | English |
Additional information: | Copyright © The Author(s) 2022. Published by Cambridge University Press on behalf of the German Law Journal. This is an Open Access article, distributed under the terms of the Creative Commons Attribution licence (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted re-use, distribution, and reproduction in any medium, provided the original work is properly cited. |
Keywords: | GDPR, e-Privacy Directive, cookie, real-time bidding, RTB, adtech, consent, transparency, security |
UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL SLASH UCL > Provost and Vice Provost Offices > UCL SLASH > Faculty of Laws |
URI: | https://discovery.ucl.ac.uk/id/eprint/10127120 |
Archive Staff Only
View Item |