Consent UX, €50 million mistakes, and new approaches
21 January 2019
Phil Lee writes,
And from Thomas Baekdal on Twitter:
Interesting. But also, as I have said many times before. Imagine what would happen if the French regulators took the same look at publishers. My ongoing advice to publishers is to look at these cases as early indicators. We will be next in line to be looked at. https://t.co/7fTRottHAb— Thomas Baekdal (@baekdal) January 21, 2019
European regulators are paying attention to consent
mangement UX, and the current approach, which is
just click OK to make this annoying
dialog go away (and consent to use of your data by
70 companies you've never heard of), is looking
less and less likely to work.
Fortunately for reputable publishers, the regulatory pressure to clean up consent UX is likely to be a good thing for trusted sites. So this is great time to release the Global Consent Manager User Study. Global Consent Manager is a new approach to consent UX, made possible by IAB Europe's Transparency and Consent Framework.
The Framework standardises the presentation to users’ third-party data processing requests that require “informed” consent for data processing. The Framework enables “signaling” of user choice across the advertising supply chain. It is open-source, not-for-profit with consensus-based industry governance led by IAB Europe with significant support from industry parties and the IAB Tech Lab, which provides technical management of the open-source specifications and version control.
I'm a big supporter of the Transparency and Consent Framework, if you use it right. Consent UX is full of €50 million mistakes—but the consent data approach of the Transparency and Consent Framework can still be good if you put a decent UX on it. That's what Global Consent Manager aims to do.
Global Consent Manager applies the the same
incremental approach that social and collaboration
sites, such as LinkedIn and GitHub, use. LinkedIn
doesn't ask you to build a complete profile and work
history before you can use the site. Instead, you get
to make an account and then get prompted to add more
of your info as you use it. Global Consent Manager
borrowed that idea, in a basic form. Instead of
asking for consent for everybody to use your data
everywhere before you even read the article, with
Global Consent Manager you start off in a
consent state. A consent string with no consent
is a valid consent string, and Global Consent Manager
will auto-generate one for you on your first visit
to a supported site.
Later, if you show that you're interested in the site, the site can ask for more consent. This approach gives a sustainable advantage to sites that users choose to trust, and limits the ability of sites whose traffic comes from deceptively obtained clicks to run saleable ads.
Results from the user research tend to indicate
that users spend significantly more time on a
news task when they get the Global Consent Manager
experience, compared to the
click OK to consent
to everything default.
The standardization work for consent data, now being done at the Transparency and Consent Framework, really pays off if you put a sensible (more LinkedIn-like) UX on it.
Our next step is to extend server-side consent and data management, with a view to facilitating the needed data collection for publishers trusted by users to run high-value ads, without enabling data practices that fail to comply with regulations or with user norms. Please let me know if you're interested in participating or reviewing future data.