[0] https://github.com/InteractiveAdvertisingBureau/GDPR-Transpa...
there is no data collected via TCF:
https://github.com/InteractiveAdvertisingBureau/GDPR-Transpa...
CMPs are the popups that save the preferences and thus enable the collection of the data.
IAB only provides a spec.
[0] https://github.com/InteractiveAdvertisingBureau/GDPR-Transpa...
How should a Transparency & Consent String be stored?
In version 1 of the TCF Specifications the consent string was specified to be stored as either a 1st party cookie for service-specific consent or a 3rd party cookie for global consent. In version 2 of the TCF Specifications, the storage mechanism used for service-specific TC Strings is up to a CMP, including any non-cookie storage mechanism. However, global TC Strings must still be stored as cookies under the consensu.org domain.[0]
Pretty much no website uses it.
[0] https://github.com/InteractiveAdvertisingBureau/GDPR-Transpa...
The reason is that if it's done in the browser then a person's preferences will apply to every website they use with that browser. Publishers will not want that as they hope that users will give them more consent than other web sites (I certainly do give some websites full permissions if I like them, others are a 'reject all' and 'object all')
Also, your consent preferences are stored under that website's cookie. There is the option of a global cookie but nobody uses it. This cookie data is then sent to everyone involved in the adtech chain (which is causing issues since it can be multiple KB's in size). It's format is described in [0]
[0] https://github.com/InteractiveAdvertisingBureau/GDPR-Transpa...
There are serious doubts if this is a complaint way to handle cookie consent.
and their other projects.