GDPR Consent Banner and IPS

[Real Hal9000]

Hello,

I feel we should revisit the platform’s compliance with GDPR, in light of the latest developments and clarifications issued by the EU. Had some discussions, read a lot about this and it's clear to me that the classic Cookie strip with one button (I accept) simply doesn't cut it anymore and would make the website owner liable for not fully following the current regulations.

It's been brought to my attention from the ad network we use, that we should provide a full Consent message to every visitor of our site, and give them the option to choose which cookies, if any, they would want to be used during their visit. There are already many services out there like Cookiebot, Quantcast and OneTrust which can scan one’s site and automate the process by creating this banner. Of course even if they have limited free packages, my main concern is that there are limitations to styling, speed, translation, etc. I feel that such features must be provided from the platform itself, which must integrate the IAB Consent Framework. 

A valid cookie consent banner has to look like the one Cookiebot provides, offering the ability to choose the type of cookies the visitor wants. If you’d like to see a live example, visit this page.

Cookiebot Consent Banner

analytic view

Two links from the Cookiebot site, which I really feel that they offer a full picture of what is the proper way to have a GDPR Consent banner in your site.

• GDPR and cookies | GDPR cookie consent | Is my use of cookies compliant?
• Active consent and the case of Planet49 | CJEU | GDPR & ePR

I’d very much like to read your thoughts on this and particularly whether such options are included in the roadmap.

[asigno]

I'm just in the process of implementing iubenda's consent management platform, and there's no way that most software providers could integrate the same technology in to their existing products. The needs, options and flexbility of implementing these differently depending on rapidly changing laws/regulations and users locations make this a massive challenge for companies which actually specialise in this.

What I would like to see from IPB though is integration with third party CMPs, most CMPs these days abide by the same standard https://iabeurope.eu/tcf-2-0/ which makes integration straight forward. IPB would just need to allow it's existing consent to take call backs from the CMP.

Another question I do have is what cookies are strictly fuctional from IPB and what are experience enhancing. IPB have stated that all their cookies are able to be exempted under functional cookies, but from what I've read many may not be. For example a cookie which sets what has been read. This isn't a strictly necessary cookie, as you don't need this cookie to operate the board.

I'd like to see a page in the admin dashboard which shows all cookies that IPB or third party plugins set and list the useage purpose e.g. Strictly necessary, basic interactions & functionality, experience-enhancement measurement.

 

[evcom]

I am also doing some more research on this topic as I experienced that more and more websites show now cookie banners that are going well beyond the simple "Yes, I accept" button. 

How did you eventually implement a compliant solution? Did you use an external provider as listed above? Are there any free, open source banners that work well with Invision Community? 

[Real Hal9000]

57 minutes ago, evcom said:

I am also doing some more research on this topic as I experienced that more and more websites show now cookie banners that are going well beyond the simple "Yes, I accept" button. 

How did you eventually implement a compliant solution? Did you use an external provider as listed above? Are there any free, open source banners that work well with Invision Community? 

When I searched, free solutions had a ridiculous limit per pageviews so we had to implement our own solution.