Expand my Community achievements bar.

Allow Flexible Consent Management via AEP SDK

Avatar

Level 2

3/8/22

Description -

While conducting our first real-life implementation case for data collection via the AEP Web SDK and the Edge Network, we wanted to rely on the out-of-the-box customer consent preferences:

https://experienceleague.adobe.com/docs/experience-platform/edge/consent/supporting-consent.html?lan...

 

However, while experimenting with the different options available, we were facing major limitations with regards to the flexibility of handling the consent - in particular with the current consent object:

 

 

consent: [{
      standard: "Adobe",
      version: "2.0",
      value: {
        collect: {
          val: "y"
        },
        metadata: {
          time: "2021-03-17T15:48:42-07:00"
        }
      }
    }]

 

 

Mainly, I'm referring to these two limitations stated in the official documentation:

#1 No granular consent handling:

"Currently, the SDK supports only a single all or nothing purpose."

 

#2 No overwriting of the collected consent:

"After a user has opted out, the SDK will not allow you to set the users collect consent to y."

 

Why is this feature important to you -

RE#1: Modern consent management solutions such as OneTrust offer great flexibility and granularity for the user to decide which type of cookies and tracking solutions he/she is opting-in or not (e.g., first- vs. third-party). However, this can't be reflected with the current AEP consent object as it only takes binary inputs. This can result in fewer opt-in rates and/or data coverage because few users decide to go "all-in" and respectively the consent object has to be set to "n" which prevents any tracking to happen. Since data is key to the measurement of all kinds of marketing activities, the amount of data points captured is key, less coverage means less meaningful insights which ultimately can make client-side tracking solutions redundant.

 

RE#2: As the user can opt-out this value of "n" will be irreversible written onto the AMCV, meaning in reality, for this particular user we will never ever be able to track any kind of data (unless they empty the browser's cache, switch devices etc.). This is even more severe as it drastically limits the potentially tracked users and can even have a disastrous impact when for instance, the value has been set to "n" by mistake.

 

How would you like the feature to work -

RE#1Instead of just offering "y" or "n", give the flexibility to set different tracking categories within the consent object which correspond to different cookies/technologies (e.g., functional, first-party, third-party):

 

 

consent: [{
      standard: "Adobe",
      version: "2.0",
      value: {
        collect: {
          functional: "y",
          tracking: "y",
          marketing: "y"
        },
        metadata: {
          time: "2021-03-17T15:48:42-07:00"
        }
      }
    }]

 

 

RE #2: Just add the capability to either reset and/or update the value that has been previously submitted as the consent object would tremendously help in overcoming the initially described limitation.

 

Current Behaviour -

As explained above.

6 Comments

Avatar

Community Advisor

5/30/23

We are migrating to server side as well and we have the same issue.

 

At present we are planning to add AEP, Target, Analytics and Event forwarding. Each of this product will fall into a different cookie group category which means that we cannot use one datastream for all. We will need to create multiple to respect cookie groups.

 

We should be able to configure on datastream configuration level which schema path and which value to have for the services to be executed.

Avatar

Level 3

8/11/23

Is there any update here from Adobe now midway through August 2023? This is very important to our legal team and could be an impediment to moving forward with Web SDK.

Avatar

Level 2

9/27/23

We were having the same difficulty implementing consent choices into AEP.

 

I see the Web SDK atleast allows us to use consent preferences schema and map individual consent group level. However, I do see the same is not available/feasible through Mobile SDK.

 

Can anyone share their approach how you were achieving or any workarounds you are aware.

Avatar

Level 2

12/1/23

Latest we understand is 

Adobe standard 2.0 consent standard allows to capture Collect, Personalize, Advertising and Share categories on both Web & Mobile SDKs. However, these consent tracking method stitches the consents to specific ECID on the device/browser - making it consents collected device specific instead of user profile specific which we usually expect to unify the consents at profile level - so that downstream services respect consents which are latest stitched to profile - which is currently missing.

 

The same categories of consents are not allowed for solution specific like AA, AT & AAM at the moment - web SDK only respects either all in or all out as a consent at the moment. The solution level consents are yet to come near future.