In the next two to three weeks, IAB Europe expects the Belgian authority to communicate the draught judgement with other EU DPAs.
According to a complaint filed by the Belgian data protection authority's investigatory section a year ago, IAB Europe's Transparency and Consent Framework (TCF) failed to comply with GDPR. In a recent press statement by IAB Europe, the Belgian authority is in the process of finalising a preliminary judgement, and the regulatory body is expecting a verdict to rule out that the TCF does violate the GDPR.
The verdict could also charge IAB Europe in breach of itself. IAB said that DPA "will apparently identify infringements of the GDPR by IAB Europe". However, by calling the findings "fixable" within six months but not specifying how, the breach finding itself may not be fixable as other DPAs must rule in.
While the final verdict could likely take months, appeals are also likely to emerge. However, if the DPAs disagree and cannot reach an agreement, the European Data Protection Board may be forced to intervene to take a binding decision.
[7 minute read]