• by Laurie Sullivan  @lauriesullivan, November 3, 2023

The IAB Tech Lab put in motion the next steps to its Data Deletion Request Specifications after unveiling the plan Thursday to help digital ad companies comply with consumers' requests to delete their data.

Anthony Katsur, CEO at IAB Tech Labs, said on Friday that the specifications will rely on a signal to propagate the data-deletion request throughout the supply chain, rather than stop at the publisher or the publisher’s partners.

“The challenge a publisher has with today’s tools is they can delete the content within the publisher’s four walls, and maybe one degree removed, but there is a myriad of companies that go into delivering one ad,” he said. “The challenge with any solution is the inability to propagate the signal throughout the digital supply chain.”

It is a difficult technology to deploy, but it is necessary, he added. Propagation and tracking of the delete request -- along with the validation that the request occurred -- is difficult. In time, there will be an audit function, so when a request is made, the delete will be verified.

“Privacy isn’t easy, but it’s necessary,” he said. “I hope the industry has the stomach and wherewithal to adopt this.”

Adoption and the work being done by The Accountability Working Group, Katsur said, is up to the industry -- which has 45 days to comment -- but the specifications do meet legal requirements. Data deletion requirements already exist, but the framework spreads the request throughout the supply chain.  

“We would love to hook up this framework to the Consumer Reports’ tool,” Katsur said.

The publisher -- Consumer Reports -- has a tool to support data deletion, but it doesn’t propagate the delete signal to third parties. The tool, Permission Slip, only follows through with the deletion request to one degree removed from the consumer. The tool will delete consumer information from a brand or publisher, but it doesn’t take a next step.

When asked why the Do Not Call list established by law in March 2003 didn’t continually deter spam calls on landline and mobile phones, Katsur attributed it to “lack of enforcement by the FCC.”

The “forgotten initiative” worked great for the first year or two. He acknowledged a lack of strict enforcement, and said he now gets spam calls two or three times a day.

Why will the IAB Tech Lab’s specifications work better than the Do Not Call List of the early 2000s? “I think we’re in a different time,” Katsur said. “Consumers and government regulators have data security and privacy at the front of their minds,” he added. “Do Not Call did work for the first couple of years. It was enforced. I remember a noticeable decline in spam calls. It came out of the gate successful, and I think the same will be true here given there’s such an intense focus on data privacy.”