AD Agencies
IAB Tech Lab finalises framework for streamlined Ad supply chain privacy compliance
Mumbai: IAB Tech Lab, the global digital advertising technical standards-setting body, announced today the release of the final Data Deletion Request Framework, following the conclusion of two extensive public comment periods. This milestone signifies an important step forward in handling consumer data privacy concerns within the digital advertising supply chain.
The Data Deletion Request Framework establishes a standardized mechanism for transmitting data deletion request signals throughout the digital advertising ecosystem. It provides provisions for validating request origins, ensuring requester authenticity, confirming receipt, and employing cryptographic signatures for authentication. By offering a holistic solution for handling data deletion requests, the framework aligns with the ‘Right to Delete’, a Data Subject Right (DSR) which is currently protected by the GDPR, 16 US state privacy laws, and additional privacy legislation, including Quebec Law 25.
“The industry has long struggled with the need for a standardized solution to manage data deletion requests,” said IAB Tech Lab director of product, privacy & addressability Jared Moscow. “The Data Deletion Request Framework addresses this challenge head-on, providing clear guidance and strategic insights into effectively handling these requests. Acting as the industry’s first signal for upholding consumer data subject rights, the Framework equips industry players with the technical tools necessary for efficiently managing data deletion requests.”
The Data Deletion Request Framework builds upon IAB Tech Lab’s portfolio of privacy compliance initiatives, including the Global Privacy Platform, the Accountability Platform, and the Privacy Taxonomy project. Collectively, these initiatives form a foundational framework for streamlining privacy regulatory compliance and advancing responsible data-handling practices in digital advertising.
Several organizations, including Google, Roku, Ketch, Sourcepoint, Dstillery, Raptive, Mediavine, and Index Exchange, were highly active in shaping the framework during the development process. Their close involvement exemplifies the collaborative nature of this industry-wide effort.
Google senior staff software engineer Mary Xiaoyong Liu Wang: “The Data Deletion Request Framework addresses a longstanding industry challenge. This framework provides a helpful foundation for managing data deletion requests at scale, and reflects a collaborative commitment to upholding privacy standards.”
Roku senior product manager, global privacy infrastructure Kale Smith: “The Data Deletion Request Framework is a vital tool for managing privacy at scale. This standard facilitates smoother communication of deletion requests across the ecosystem, significantly simplifying compliance efforts for large organizations like ours.”
Ketch head of solutions Jonathan Joseph: “The Data Deletion Request Framework will bring much-needed efficiency to the entire ecosystem, helping to automate what has, to date, been a manual, arduous process. We will be adopting and integrating it into our product solutions so our clients can take advantage of the new Framework.”
Sourcepoint product director Gabe Morazán: “Sourcepoint believes that Data Deletion Request Framework is a significant step forward for the industry. This Framework will help vendors better communicate with each other which will foster more collaboration and communication.”
Dstillery principal engineer Brian May: “We’re excited about the potential of the Data Deletion Request Framework to streamline efforts to honour user choices. By standardizing the process of communicating data deletion requests, the framework addresses a major pain point for the industry and creates an easier, lower cost path to compliance.”
Mediavine director of product management John Rosendahl: “The Data Deletion Request Framework solves critical challenges publishers face in transmitting data deletion requests. This new framework reduces the technical complexities in transferring data and provides publishers with the tools they require to remain compliant.”
Index Exchange senior product manager Patrick Cool: “Index Exchange will support the Data Deletion Request Framework for its ability to ensure secure and efficient propagation of requests to downstream partners. The framework’s use of signing and cryptography enhances trust and interoperability, which are crucial for maintaining privacy compliance across the ad tech supply chain.”
This interoperable framework supports compliance with existing privacy legislation and lays the groundwork for future privacy initiatives within the ad-tech ecosystem. To encourage adoption and implementation, IAB Tech Lab is offering a 90-day implementation period with increased support for early adopters. In response to requests from working group members, this period ensures that companies adopting new specifications receive a dedicated timeframe during which IAB Tech Lab provides extra assistance and guidance, ensuring they have the support they need during the initial phase.
AD Agencies
Publicis CCI probe: Delhi HC rejects plea to halt investigation
HC urges parties to raise objections before the competition regulator
NEW DELHI: The Delhi High Court has declined to interfere with an ongoing investigation by the Competition Commission of India into alleged anti-competitive conduct involving Publicis Groupe, holding that no cause of action had arisen for the petitioner at this stage.
A bench led by Justice Purushaindra Kumar Kaurav dismissed a writ petition filed by TLG India Private Limited, the Indian arm of Publicis Groupe, after noting that no formal notice had been issued to the company by the regulator.
TLG India had challenged summons and investigative steps issued in the name of “Publicis Groupe”, arguing that the reference was to a brand rather than a legally identifiable enterprise under the Competition Act. The petitioner contended that while summons were addressed to its office and employees, it was not itself named as the entity under investigation.
Appearing for TLG India, senior counsel Ritin Rai argued that investigations must be directed at a defined juristic person and sought quashing of the summons. The court, however, asked whether any notice had been issued directly to TLG India as a legal entity: an assertion the petitioner conceded had not occurred.
The CCI, represented by senior advocate Jayant Mehta, opposed the plea on grounds of maintainability, stating that notice had been issued to Publicis Groupe SA and that TLG India lacked locus to challenge proceedings in which it was not a named party.
The bench reiterated that courts are reluctant to intervene in ongoing proceedings before statutory authorities. It observed that any legal consequences arising from notices issued to an allegedly non-existent entity would have to be examined by the CCI itself. With no notice issued to the petitioner, the writ was disposed of, leaving parties free to raise their objections before the regulator.
The investigation, initiated in March 2025, relates to allegations of price-fixing and collusion among major advertising agencies and industry bodies operating in India.
