This article originally appeared in Digiday on September 10, 2019.
The clock is ticking for ad tech businesses that are still playing fast and loose with their compliance with the General Data Protection Regulation.
In June, the U.K.’s data protection authority, the Information Commissioner’s Office, told the ad tech industry that the current way personal data is used within programmatic advertising transactions on the open exchange, via real-time bidding, is not compliant. The DPA gave a six-month grace period for them to address any gaping holes. That leaves four months to go.
Speaking at ExchangeWire’s ATS event in London on Sept. 9, the ICO’s head of technology and policy, Ali Shah, encouraged ad tech businesses still relying on a legitimate interest to come forward and engage with the regulator. Shah promised those that do so won’t face financial penalties — as long as they come forward within the next four months.