On the eve of GDPR day, May 25th, 2018, the Sovrn team came across a missing feature in the prebid.js code that could greatly affect any publisher running header bidding alongside an IAB Consent Management Platform (CMP).
Here’s the problem:
There is a good chance that your IAB compliant CMP may not notify prebid when GDPR does not apply, therefore the default for prebid in this case is to wait for 10-seconds before running auctions. You can change this threshold to be lower, but then you run the risk of capturing data before consent.
Basically, as a publisher you have two options to mitigate this:
- One workaround is to make sure the CMP tells prebid when GDPR does not apply, however, if that’s the case, prebid will still have to wait until the CMP responds back to it
- Sovrn will take care of this for you for free. This is the lowest latency option to ensure your auction runs as quickly as possible.
Sovrn has implemented a fix for this in our Header Complete solution that we can offer you today. Therefore, if you are a Sovrn Header Complete Server Side Config publisher, this fix has already been pushed to your code!
If you have hardcoded prebid, but use Sovrn demand within your prebid solution, we have code you can use for free. Contact us and we can provide implementation directions. If you also want to upgrade to our Sovrn Header Complete Server Side Config to make this easier, let us know at email@example.com.
There are other workarounds, however, by not legitimately looking up the geo-ip, publishers are likely to be violating GDPR and the IAB Framework.
Sovrn’s CMP is another solution that comes at no cost to the publisher. We offer hands-on support, a suite of customizable features & with one line of code, the implementation is painless.
Please reach out to firstname.lastname@example.org if you’d like to get set up with Sovrn’s Header Complete, our CMP or if you have any questions at all.
As always, we are here to support you.