Google is asking web publishers to obtain consent on its behalf to gather personal information on European users and target ads at them using Google's products, part of a plan to keep up with data-privacy rules in Europe.
Under the European Union's coming General Data Protection Regulation (GDPR), set to go into effect May 25, global companies will be required in many cases to get user consent to gather personal information. Companies will also be required to be more transparent about the data they collect and how it is used.
Google responds to the changes by updating its EU user consent policy. According to Google, third-party websites and apps that use Google's ad technology to sell ads will be responsible for obtaining consent from end users in the European Economic Area. Google said that publishers that will fail to comply with the new policy, may force Google to limit or terminate their agreement with the search and advertising giant.
Publishers must obtain end users' legally valid consent to:
- the collection, sharing, and use of personal data for personalization of ads or other services.
In addition, Google says that publishers should retain records of consent given by end users; and provide end users with clear instructions for revocation of consent.
To make things even more complicated, publishers should also provide end users with "easily accessible" information about each party that may collect, receive, or use end users' personal data as a consequence of your use of a Google product.
The policy also requires that end users are told how to revoke consent to ads personalization. At a minimum, end users need to have information sufficient to easily reach their ad controls for a website or app.
Google promised to launch new functionality that allows publishers to disable personalized ads, which, however, still require cookies to operate.
Google's plans come amid sensitivity about the way technology platforms handle consumer data. Revelations that Cambridge Analytica, a data firm with ties to the Trump presidential campaign, improperly accessed and retained data on up to 50 million Facebook users, has put the social-media giant on the defensive, sparking a U.S. regulatory inquiry and an outcry from lawmakers in several countries.