Welcome to WebmasterWorld Guest from 54.92.153.90

Forum Moderators: open

GDPR Compliance for Adsense Publishers

     
1:51 am on May 22, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


3 Steps to GDPR Compliance for Adsense Publishers

Use an opt-in/out cookie notice, shown to all visitors*

Disable personalized ads for EU visitors: Adsense Account > Allow & block ads > Content > All my sites > EU User consent

Be explicit in your (linked from cookie notice) Privacy Policy to explain what Personal Identifiable Information (PII) is collected (or not), if cookies are being used & for what purpose, and if server log data files [webmasterworld.com] are retained, for how long & for what purpose.

* EU residents may connect to your sites from regions outside of the EU and require to be informed of your cookie policy.
3:12 am on May 22, 2018 (gmt 0)

New User

Top Contributors Of The Month

joined:May 7, 2018
posts:40
votes: 5


Regarding GPDR applying to EU residents even when they are out of the EU, I think there will need to be years or decades of legal cases to decide whether that's even legally enforceable. Since it up ends the world if any country can claim the entire world as it's jurisdiction. Short of requiring passport scans before allowing anyone into a site, how can one know if someone is a EU citizen or not. In that case one would need to get PII in order to ask permission to get PII. Which seems like a never ending circle.
3:48 am on May 22, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


Treating everyone the same, as far as the cookie notice, seems the easiest & most simple way of complying, at the same time covering the possibility of the EU citizen connecting from outside the EU no matter what the legal definition ends up being.
4:05 am on May 22, 2018 (gmt 0)

New User

Top Contributors Of The Month

joined:May 7, 2018
posts:40
votes: 5


A simple cookie notice telling a visitor that there will be cookies is one thing. That's no big deal. The way I understand it is that GDPR requires websites to record the consent and keep that forever so that a user can take back that consent. How will I know one random user from another? I'll need to personally identify them. So I'll need to record personally identifying information and store it forever. That's another thing entirely.

Unless I have it all wrong. Please tell me I have it all wrong. I want to be wrong.
4:08 am on May 22, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


The way I understand it is that GDPR requires websites to record the consent and keep that forever so that a user can take back that consent.
Related discussion: [webmasterworld.com...]
7:27 am on May 22, 2018 (gmt 0)

New User

joined:May 3, 2017
posts:18
votes: 4


Use an opt-in/out cookie notice, shown to all visitors*

In their Amp section: [support.google.com...]
"Following is an example of a configuration that prompts all users in the EEA for consent,"

Even Google are talking about consent for EEA, yet you are suggesting to visitors to show it for everybody?

That will decimate most webmasters earnings overnight if they implement it for everybody rather than just a visitor from EEA.
7:31 am on May 22, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


Relax - It won't "decimate" anything. Hasn't changed income for any site I manage.

The entire world is adopting new privacy rules. China, India, Canada, Australia, and soon even the US.

[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]

Treat all visitors the same... just a suggestion. You'll be doing it soon enough anyway. Makes things a lot easier.
11:28 am on May 22, 2018 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Jan 16, 2018
posts: 142
votes: 40


Hasn't changed income for any site I manage


Google will stop showing interest-based only from the 25th, so that's not yet taken effect.

So are you saying you have an opt-out option for visitors, and even them clicking 'deny' hasn't changed earnings at all?
2:42 pm on May 22, 2018 (gmt 0)

Junior Member from CA 

10+ Year Member Top Contributors Of The Month

joined:Oct 1, 2002
posts:119
votes: 11


Anyone have an example code for NOT showing personalized ads on website self hosted Google search results page?
6:29 pm on May 22, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


Google will stop showing interest-based only from the 25th, so that's not yet taken effect.
I wouldn't have posted if I hadn't already turned them off for EU users:
Adsense Account > Allow & block ads > Content > All my sites > EU User consent
7:19 pm on May 22, 2018 (gmt 0)

Full Member

joined:May 21, 2018
posts:276
votes: 70


Google will stop showing interest-based only from the 25th, so that's not yet taken effect.

I wouldn't have posted if I hadn't already turned them off for EU users:
Adsense Account > Allow & block ads > Content > All my sites > EU User consent

The options you select will take effect on 25 May.
7:30 pm on May 22, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


I posted this option: Adsense Account > Allow & block ads > Content > All my sites > EU User consent
for those who want to do this for EU users only.

Myself, I've had personalized ads turned off for several years for the sites I manage. I've always been against covert tracking and have supported the privacy rights of those who visit my sites.
7:42 pm on May 22, 2018 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Apr 1, 2016
posts:1926
votes: 498


* EU residents may connect to your sites from regions outside of the EU and require to be informed of your cookie policy.

GDPR only applies on European territory.
So I'll need to record personally identifying information and store it forever.


Recording consent is only required in situations where consent is required. For example, tracking consent is required is you decide to show personalized ads, of course only user that consent will see the ads. Non-personalized ads will not require the tracking of the consent. It may still require you to show the pop-up (you know to annoy people!) but there is no need to record or provide a means of retracting consent.

The financial impact of the switch from a mix of contextual and personalized ads to only contextual ads will depend on many factors. Sites that already have a high demand of contextual advertisements will likely see little change, whereas those that are not as niche oriented will probably be impacted more. Also remember that this only impacts EU users, so if one takes the percentage of user that are from the EU and are shown personalized ads (already pretty small in most cases) and then takes the difference in revenue from contextual and personalized, the net result will likely be small if not insignificant in most cases. But, it will be very site specific, so one persons experience may not be representative of other's.
12:14 am on May 23, 2018 (gmt 0)

New User

joined:May 19, 2018
posts:10
votes: 1


Dear @keyplyr, I have disabled the personalized ads inside Adsense for eu users. Now I want to set out opt-in/out cookie notice to visitors, right? My question is if the notice says that "by scrolling down etc., you agree to our cookies policy" does that falls under explicit consent from users?

If that is so, which plugin/solution you suggest for that purpose? Iubenda or cookiesbot? Thanks a lot in advance. Anxiously looking forward to hear from you.
12:25 am on May 23, 2018 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:11789
votes: 742


@engineerqasim - this is from Adsense:
You are required to obtain your users' consent to the use of cookies for this purpose, where applicable. For more information about his policy, see the Google EU User Consent Policy. [google.com]

Most of us see that as displaying a cookie notice with an "accept" or "got it" type button (or link) and including a link to your Privacy Policy.
12:56 pm on May 23, 2018 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Jan 16, 2018
posts: 142
votes: 40


Most of us see that as displaying a cookie notice with an "accept" or "got it" type button (or link) and including a link to your Privacy Policy.


I do too. And it's also what a hell of a lot of other website owners think too, as that's what I'm seeing on every one. Some add a bit more, about how the cookies are used to show interest-based ads, and some link to a page that explains how people can turn off their cookies and delete them. Personally, I've just put that on the privacy policy, so people know how to delete/turn off cookies if they so wish.
7:26 am on June 1, 2018 (gmt 0)

Full Member

joined:May 21, 2018
posts:276
votes: 70


Doesn't this topic is against the TOS, and the fact that no legal advises are provided at this forum?

I mean, after all, the first message is claiming a series of actions to do to be compliant with a law and being affirmative, isn't it legal advice? This is not only sharing opinions, it's affirmative claims and so looks like legal advice to me.

Also, these claims are misleading.
- They refer to the EU, whereas the GDPR concerns the EEA, which includes the EU, but also Iceland, Liechtenstein and Norway,
- They mention EU citizens, but it concerns also people living in the EEA, even if they do have the citizenship, someone has the right to live and work in a country, without having to acquire the citizenship,
- The cookie produced by non personalized ads is subject to the ePrivacy Directive, which depending of the country, imposes an explicit consent BEFORE the ad request is placed,
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members