With GDPR coming, the need for consent awareness of rules and actions is becoming more stringent.
We have quite a lot of rules which stack up depending on a consent level of the user (e.g.):
- strict -> only complete anonymous tracking allowed (eg. analytics beacon)
- mid -> some user identification allowed (hashed)
- low -> 3rd party pixels allowed
Currently we have to make for each of these levels a rule, take e.g. a simple page view:
- level at least strict -> send out the analytics beacon
- level at least mid -> send data to DMP
- level at least low -> set a DoubleClick display Pixel
Which ends up for quite a lot of our rules, we have to double or triple them...
Some idea could be to have e.g. a consent check action in the action chain. If the check fails, the rest of the action chain is not executed anymore. This could combine the 3 rules above into 1 page view rule with this action chain:
Actions: set AA vars -> send AA beacon -> clear AA vars -> check consent mid -> send data to DMP -> consent check low -> send 3rd party pixels
Another idea could be to have an action being consent aware itself, so the action is only executed if a global consent level (e.g. set in a cookie) is met. The "old" sat_track option is to black/white and does block everything or nothing...
Any thoughts on this?
Stefan
