GDPR Admob - What do Developers prefer with the Ad Networks and consent

I wanted to get feedback from other developers on consent with regards to Ad Networks, in particular, Google Admob.

Admob in particular, seems to be taking a different approach than other Ad Networks such as Applovin and Unity Ads. Applovin is handling things on the backend, and removing personalized ads from all countries in EU in the coming days, so it removes the burden from the developer. Unity ads is also handling it on the backend for the developer. I’m sure there are other ad networks taking on the responsibility to handle the consent that I haven’t named here as well.

Admob is placing the burden on the developer to ask for consent for both PA’s, and NPA’s via the Consent SDK or their own custom method.

What are developers’ thoughts on this?

a. Would you prefer Admob handle the consent stuff on their end vs having to update your apps manually?

Or

b. Do you like having control over your apps, and want to take the extra steps to ask for consent on your own accord?

I personally would want them to be handling it so we can continue to make great games, and not make this consent stuff the focus.

I have spoken with an Admob rep regarding this topic and he is going to pass this info along to his team. I think it would help to get some general feedback on this.

Are any developers moving to other ad networks in light of Admob’s decision? Or are you begrudingly adding consent, even though you would prefer they handle it. Any feedback would be helpful!

I’d prefer to just set npa=true (aka hasUserConsent=false in Corona terms) worldwide and be done with it, thus (supposedly) being able to get away without requiring any explicit consent whatsoever.  (having no other sources of collection, so just need notice of that, but not consent)

The unsettled question for me is AdMob’s required consent (not same as GDPR’s consent) for the remaining “cookies” issue - I don’t quite understand the EPrivacy regulation vs what AdMob does when serving NPA ads on mobile, but AdMob’s terms require the cookie consent (regardless of whether or not GDPR actually does).

Yes, I’m investigating alternatives to AdMob, as I find it unacceptable that they (apparently) can’t (or won’t) provide a no-consent-needed back-end solution.  (That decision MIGHT be influenced if AdMob’s consent SDK is eventually integrated into the plugin, if it has the effect of making it essentially “painless” to implement, but too early to intelligently comment on that functionality yet - tho suspicion is it’ll still leave the “pain” on the developer (tracking, etc) rather than back-end, so I’d still be looking to ditch AdMob.)

“Cookie Issue” reference:  https://developers.google.com/admob/android/eu-consent

Ads served by Google can be categorized as personalized or non-personalized, both requiring consent from users in the EEA. 

This is because of how AdMob works, not because of how the GDPR is worded – if AdMob didn’t store personal information in cookies even with NPA’s, then you wouldn’t need consent.  This is the aspect that I find unacceptable - there should be SOME mechanism provided to make it fully no-consent-needed compliant, but there isn’t.

@davebollinger:

That makes complete sense, and your point regarding both PA’s and NPA’s needing consent is a good one. I wholly agree with you on that. I will be sure to pass that info along.

I do think that in the end, we need them to be handling this stuf on the backend. It shouldn’t be our responsibiltiy to collect consent on cookies data for NPA’s, especially if it conflicts with GDPR guidelines.

I’d prefer to just set npa=true (aka hasUserConsent=false in Corona terms) worldwide and be done with it, thus (supposedly) being able to get away without requiring any explicit consent whatsoever.  (having no other sources of collection, so just need notice of that, but not consent)

The unsettled question for me is AdMob’s required consent (not same as GDPR’s consent) for the remaining “cookies” issue - I don’t quite understand the EPrivacy regulation vs what AdMob does when serving NPA ads on mobile, but AdMob’s terms require the cookie consent (regardless of whether or not GDPR actually does).

Yes, I’m investigating alternatives to AdMob, as I find it unacceptable that they (apparently) can’t (or won’t) provide a no-consent-needed back-end solution.  (That decision MIGHT be influenced if AdMob’s consent SDK is eventually integrated into the plugin, if it has the effect of making it essentially “painless” to implement, but too early to intelligently comment on that functionality yet - tho suspicion is it’ll still leave the “pain” on the developer (tracking, etc) rather than back-end, so I’d still be looking to ditch AdMob.)

“Cookie Issue” reference:  https://developers.google.com/admob/android/eu-consent

Ads served by Google can be categorized as personalized or non-personalized, both requiring consent from users in the EEA. 

This is because of how AdMob works, not because of how the GDPR is worded – if AdMob didn’t store personal information in cookies even with NPA’s, then you wouldn’t need consent.  This is the aspect that I find unacceptable - there should be SOME mechanism provided to make it fully no-consent-needed compliant, but there isn’t.

@davebollinger:

That makes complete sense, and your point regarding both PA’s and NPA’s needing consent is a good one. I wholly agree with you on that. I will be sure to pass that info along.

I do think that in the end, we need them to be handling this stuf on the backend. It shouldn’t be our responsibiltiy to collect consent on cookies data for NPA’s, especially if it conflicts with GDPR guidelines.