Ad trackers continue to collect Europeans’ data without consent under the GDPR

More than three years after Europe’s sweeping privacy law took effect, consent mismatches and illegitimate data collection continue to undermine advertisers’ and publishers’ efforts to comply with the General Data Protection Regulation. These issues bedeviled companies back in 2018, and new data shows continued gaps between the permissions people give companies to collect and use their data and what ad tech firms actually do.

On the average day between May and the end of August this year, 500,000 online ad impressions served in Europe contradicted the data-collection choices people made as required under the GDPR, according to ad security monitoring company Confiant, which sees digital ad activity across tens of thousands of websites. It’s worth noting that millions of ad requests might be processed each second by just one digital ad platform, so half-a-million ad impressions represents a miniscule portion of all the ads served every day.

Read more