By David Mattia
August 30, 2021•3 min read
You may already know that Transcend’s consent management solution is designed to move companies beyond cookie banners, but did you know it also enables more precise choices for site owners and their users?
Our engineering team embarked on a long journey to build and polish airgap.js, the technology that powers Transcend Consent, now available for anyone to implement or explore, just sign up at the bottom of this post!
Below, we explore six unique features that help site owners quickly and easily provide a better privacy experience for their website users.
When a site owner is initially setting up Transcend’s Consent Manager on their website, it will begin collecting telemetry data, including the number of requests made to different domains, The telemetry data is then sent to Transcend’s backend to be processed and classified, and will automatically show up and populate in the “Data Flows” table in the Consent Manager. These are classified to a purpose (Essential, Functional, Advertising and Analytics) which then correspond with an individual’s consent preference. As visitors land and engage with the site, Transcend will gather telemetry data and complete the site’s Data Flows.
This initial scan saves a significant amount of time for the site owners and their engineering team. Without it, site owners would need to manually classify each request happening on their site domain.
Telemetry scanning also provides a streamlined way to let site owners know when new trackers or widgets are added that need classification. This functionality is especially useful in larger companies where there are multiple employees working on the website, or when updates between employees are manual and live across multiple workplace tools.
The core technology powering Transcend Consent, airgap.js, can conditionally override a tracker’s core API at the network level to override pending request URLs via custom logic (through function-based overrides) or using airgap’s RegExp-based match-and-replace system. Overrides can change URLs, add/remove tracking purposes, and force-allow/deny requests.
For example, airgap.js can automatically force-enable Facebook’s Limit Data Use (LDU) mode, Google Ad’s Restricted Data Processing (RDP) mode, and swap out youtube.com requests to enable YouTube Privacy Enhanced Mode.
This functionality also supports Global Privacy Control (GPC), a browser privacy preference signal standard that companies must honor under the California Consumer Privacy Act (CCPA). Whenever an individual has GPC enabled on their browser, Transcend’s Consent Manager will override certain trackers to prevent the sale of the individual’s personal information. A similar Do-Not-Track browser privacy preference signal exists which we also honor for tracking opt-out.
This gives you out of the box compliance with these popular privacy signals.
Transcend Consent provides optional functionality to replay tracking events that are quarantined before you requested user consent. This feature can be enabled or disabled by the site owner, and includes the ability to set custom time frames. It can also be configured to only replay certain types of events.
For example, you can choose to only replay tracking events that took place during a specific window of time, such as those that track how a user navigated through your site to find the information they needed.
This leads us to the next unique capability of Consent–customizable replay gives you flexibility in how and when you ask users for consent.
With unlimited visual options, you can go beyond the standard homepage banner and design user consent into existing UI, like a contact form or checkout page. Consent also provides standard consent banner designs that you can tailor to fit your brand or website color palette, if you choose to take this approach.
Flexible timing options allow you to “push the banner back”–moving a standard consent banner past the homepage with the added twist of only displaying it on subsequent pageviews.
These changes can go a long way towards reducing pop-up fatigue for your users, while ensuring your site remains in full compliance.
Airgap.js also allows site owners to customize consent messages based on the local privacy laws applicable to their users. We currently detect local regimes using browser language and time zone settings.
This approach supports the nuance of detecting an EU-likely user vacationing in California, affording them both CPRA and GDPR protections. Site owners can also set a default regime, such as CPRA or GDPR, for when there is no applicable local regime for a specific user.
This allows airgap.js to determine default consent policies and allows your own UI to determine applicable display characteristics necessary to stay in compliance with local and regional data privacy laws.
It may sound like these capabilities require a heavy payload, but we’ve bundled airgap.js all into a no-bloat payload of just 30KB. We’ve engineered our API patchers and pending event regulation system to balance high performance and low overhead. Using simulated slow machines via browser DevTools and Lighthouse, we’ve benchmarked airgap.js on very heavy interactive video and content creation webapps with minimal or no perceptible decrease in site performance.
With airgap.js, Transcend Consent goes beyond standard consent manager platforms with detailed data regulation, out of the box compliance with popular privacy signals and new levels of UI flexibility. This translates to improved compliance for your organization and enhanced user experience, without building custom configurations and additional engineering strain.
Interested in seeing Transcend Consent in action? Sign up to try for free today.
By David Mattia