Contact UsWDN News & more...

Google’s AMP Project announces new consent component ahead of GDPR compliance deadline

With the deadline for the General Data Protection Regulation (GDPR) fast approaching, Google’s AMP team has announced a component to enable publishers to surface a user consent notification for sites using the mobile-friendly framework.

From the announcement:

The features to be launched include the ability to show choices in user interface notices via “accept” and “reject” semantics, and configuration of AMP element behaviors in response to users’ choices.

The GitHub issue page details the component’s format and configuration options, along with future feature suggestions. As the issues surrounding GDPR consent and compliance are complicated — including acquiring per-usage consent (e.g., publishers need to acquire separate consent for users being tracked for both first-party and third-party purposes) — the project team is encouraging publishers and vendors to participate in the component’s development so that support will be available for as many integrations as possible. They particularly note existing support within AMP for these types of features and state that user consent may need to be obtained before loading them:

AMP supports over 100 vendor-provided capabilities ranging from analytics to ad tech to video players and other kinds of content embeds. As a publisher, if you want to ensure your vendors integrate with AMP’s user control features, please encourage the vendor to engage with the AMP Project.

The proposed format is relatively straightforward, as shown in the sample code image below, but it may become a bit messy for publishers needing to acquire many different types of consent for analytics, tracking and ad tech that may be present on their sites:

Proposed AMP consent component

It’s important to note that for now, GDPR compliance applies only to EU citizens visiting a publisher’s site. You’ll want to dig into understanding how that goes beyond mere country detection, however, as EU citizens not physically within the EU are protected by GDPR wherever they are.

In speaking with the IAB Senior Manager, Privacy and Public Policy Matthias Matthiesen at IAB’s annual leadership conference earlier this year, he noted that because of the intricacies of compliance, many publishers and organizations coming into compliance are taking a “GDPR everywhere” approach because parsing out consent for users “of unknown citizenship” is actually the more complicated path.

About The Author

Michelle Robbins, SVP Content & Marketing Technology, oversees editorial direction as Editor in Chief for Third Door Media’s digital publications, Search Engine Land, Marketing Land and MarTech Today, directing a full-time staff of reporters and editors managing contributed content. She is responsible for developing the content strategy across all properties and aligning those initiatives with the programming and audience goals for Third Door Media’s two leading marketing conference series, Search Marketing Expo and The MarTech Conference. In addition, Michelle oversees information technology operations, directing the marketing technology department. An experienced domestic and international keynote and featured speaker, she enjoys connecting with the community at SMX, MarTech and other industry events. Connect online with Michelle on Twitter @MichelleRobbins, and Linkedin.