Despite the headwinds posed by the advent of privacy legislation such as the General Data Privacy Regulations, programmatic ad spend in Europe rose by 33% last year to hit €16.7 billion (about $18.4 billion), although concerns around transparency persist.

The findings came in the IAB Europe’s Attitudes to Programmatic Advertising report published to coincide with this week’s Dmexco conference hosted in Cologne, Germany. Here, the challenges of programmatic advertising under heightened privacy obligations were a frequently recurring discussion, while one location-based data company claims to have seen the light at the end of the GDPR-privacy tunnel.

More than 70% of display ads and 50% of video ads are now traded programmatically in the region, with the trade body’s study also highlighting a lack of awareness over transparency initiatives in the sector, per the study. For instance, the study found that while 56% of publishers trade the majority of their inventory with an ads.txt file attached—an IAB Tech Lab initiative to combat fraud—only 6% of advertisers and 26% of agencies do so.

Townsend Feehan, CEO, IAB Europe, said the findings were encouraging, given the current heightened scrutiny over how ad tech uses personal data, but also highlighted how stakeholders in the sector will have to address issues such as skills shortages as well as transparency.

“It’s encouraging to see the majority of stakeholders expecting an increase in programmatic investments of up to 80% over the next 12 months,” she added.

“It is clear however that talent, the low buy-side adoption of ads.txt and supply chain transparency remain impediments to this growth, and these are areas we will be addressing with our members.”

The study also reveals a clear shift to hybrid models for programmatic trading as the number of advertisers with in-house operations overtakes the number outsourcing to an agency, alongside an increase in the number using external consultancies. Marketers using consultancies for programmatic buying grew to 7% in 2019, up from zero 12 months beforehand, while 52% said they were considering in-housing in the next 12 months.

Increased scrutiny over how the ad-tech ecosystem uses the public’s personal data—as symbolized by GDPR-enforcement from May 2018 plus the upcoming California Consumer Privacy Act—has prompted all of the industry’s major platforms to follow suit.

For instance, earlier this year Google announced its intention to clamp down on tech companies monitoring user behavior within its Chrome browser in ways it deems inappropriate. And while this stops short of Apple and Mozilla’s prohibition of third-party cookies, it is a harbinger of things to come and a move that could be seen as diminishing the interests of independent ad tech.

Last week, Jordan Mitchell, svp membership and operations at the IAB Tech Lab, proposed that the industry coalesces around new standards for consumer privacy in a way that doesn’t solely advance the competitive interests of the industry’s top players.

“We must set ourselves on an orderly path to rethink the cookie—an early, jerry-rigged internet technology that has far outlived its usefulness—and embrace a new paradigm of clear privacy settings and consumer controls tied to a standardized identifier,” he wrote in a blog post.

Meanwhile, one announcement that stood out among the flurry of Dmexco press releases came from Factual (a company that effectively pressed pause on much of its European offering ahead of GDPR enforcement last year), which said today it was rekindling operations there. Factual was not the only U.S.-based outfit to dial-down European operations ahead of GDPR, with many observers asserting that the legislation only served to consolidate the leading positions of big tech.

However, the location data company today announced that its audience targeting, measurement and insights products will be available in Europe, with the company claiming to now have aligned its data sourcing methods to privacy regulation in the region.

“Over the past year, Factual completed its implementation of systems and processes to reintroduce these products under the GDPR,” reads the company’s press release.

“The company is now working with a select group of data suppliers, having vetted their compliance systems and processes to verify suppliers are providing data with needed consents from consumers.”