Consent and bots
02 February 2019
Two kinds of web clients who it's a bad idea to serve a third-party resource to:
Users who have not given consent. We know we can't use their data. But third parties can peek at those users because their tracking script or pixel is on the page. If the first party can't have that data why should the third parties get it?
Adfraud bots. Bots come to visit legit sites to build up realistic-looking cookies so they can cash out elsewhere. Bad idea to help them.
Consent management requires some interaction with the user, which is also an opportunity to collect data for assigning a botness score.
Bots will also try to appear to be visitors who have already given consent, and go get the third-party resources anyway. This is an interesting problem because it's a game where the bot and the third party are on the same side, and the site is on the other. Impossible for the CMP to block the bot connection to the third party, but is it possible to show that consent was not in place when that connection happened? Understanding the provenance of the consent string is going to be important. An extra cookie containing a digital signature for the consent string?
New CMPs will have an opportunity to build on knowledge gained from regulator reactions to first-generation CMPs. But it's more interesting to think about sustainable advantage for the site than just about regulatory future-proofing. For example, a good consent management platform will also tie in to an objection management platform/opt-out management platform.Objection management platform and opt-out management platform both work out to OMP—anybody using that TLA?
People ask about whether consent records
obtained by conventional CMPs are even good.
(Risks in IAB Europe’s proposed consent mechanism |
click OK to make this dialog
go away and consent to everything UX is unlikely
to last, but what's next?
Design the CMP to work in the interest of the CMP customer, not third parties.
Understand the (painful, because anything touching the CMS is painful) changes involved in taking 3rd parties out of the page template entirely when the page is going to a no-consent user. No peeking!
Future-proof consent workflow to allow for adjusting for regulatory changes (boring) and revenue or data opportunities (fun)
Integrations: objection/opt-out mangagement, single sign-on, paywalls, in-browser/in-extension consent mangement.
And of course, get out in front of coming browser privacy improvements. Need an open-source strategy including participation in browser and extension projects.
The White Flight From Football
Move over, Vantablack: You can now buy the world’s blackest black paint
Study: Deactivating your Facebook account is good for your mental health
Modern Weather Forecasts Are Stunningly Accurate
What can we learn from the downfall of Theranos?
Do they have work/life balance? Investigating potential employers with GitHub
New research says secondhand Legos are surprisingly valuable
No one knows why non-existent bands have started showing up on Spotify playlists
Conversations with execs at the World Economic Forum reveal that many are racing toward automation to stay ahead of competition regardless of impact on workers (Kevin Roose/New York Times)
Miriam Avery: Mozilla Fosters the Next Generation of Women in Emerging Technologies
More Than 70 U.S. Health, Consumer and Other Groups Demand Elimination of NAFTA 2.0 Terms That Would Lock in High U.S. Medicine Prices
Elsevier journal editors resign, start rival open-access journal
The extraordinary therapeutic potential of psychedelic drugs, explained
Exclusive: WeWork rebrands to The We Company; CEO Neumann talks about revised SoftBank round
A masterpiece of ancient data viz, reinvented as a gorgeous website: An illustrated edition of Euclid’s Elements from 1847 gets updated for the web.
IQ is largely a pseudoscientific swindle
What made solar panels so cheap? Thank government policy.
As digital media companies brace for change, unions try to cushion the blow
This is the architecture trend that needs to die in 2019
Opinion: Cure ‘futures’ offer a way to pay for million-dollar medicines