[HN Gopher] Show HN: Consent management, reinvented
___________________________________________________________________
Show HN: Consent management, reinvented
Author : Sephr
Score : 20 points
Date : 2021-09-09 17:00 UTC (6 hours ago)
(HTM) web link (transcend.io)
(TXT) w3m dump (transcend.io)
| Sephr wrote:
| Hi Hacker News!
|
| I'm Eli, the lead engineer behind this project. I am excited to
| share Transcend's Consent Manager with you.
|
| Consent management platforms handle the task of complying with
| the various data privacy laws to ensure that your users privacy
| rights are respected, and certain forms of tracking emissions
| only happen with the appropriate informed consent. You may have
| already seen how bad consent managers can get, with annoying
| popups blasting you all over the web asking if sites can track
| your personal data.
|
| The current consent experience is broken. Existing consent
| management platforms aren't compliant (missing tracking
| technologies embedded in widgets, fonts, and more), rely on a
| homepage banners (distracting your users and driving up bounce
| rates), and compromise site performance (breaking elements on
| your site or slowing down performance).
|
| Now that all changes - with Transcend Consent Manager, site
| owners can:
|
| * Move the consent banner down the user journey or ditch it
| completely
|
| * Enforce and manage fine-grained network-level consent rules in
| an easy-to-use admin dashboard interface
|
| * Block, quarantine, & replay tracking events cross-session or
| in-place (e.g. a same-session DOM mutation is replayed or a
| fetch() promise is resolved).
|
| * Override requests to use alternative domains or enforce privacy
| rules on parameters, skipping the SDK. (e.g. we can automatically
| enforce Facebook's LDU parameters, Google Consent Mode, Google
| Ads RDP, YouTube Privacy Enhanced Mode, etc. with no site
| changes)
|
| * Optionally generate dynamic consent-derived Content Security
| Policies
|
| * Privately sync consent & quarantine data across a first-party
| set of hosts without data ever leaving the browser
|
| I previously announced our closed beta two months ago[1]. Today,
| we are finally launching general availability! This is a paid
| service ($39/mo + $12/million sessions) and we offer a one-month
| free trial for anyone that wants to evaluate our consent manager.
|
| Transcend Consent Manager is powered by airgap.js, a JavaScript
| library created specifically for data flow regulation. See the
| infographic: https://cdn.transcend.io/infographics/airgap.js.gif
|
| Check out the blog post from my previous submission to read about
| our engineering journey developing Transcend Consent Manager:
| https://transcend.io/blog/defeating-cookie-banners
|
| I will be available in this thread to answer any questions. Let
| us know what you think!
|
| 1. https://news.ycombinator.com/item?id=27752790
| rudasn wrote:
| This looks really well executed, and a great idea. Well done!
|
| Kind of unrelated, is it possible to use your open source
| client encryption library to provide encryption at rest (where
| the server only receives encrypted data and the key is
| generated and managed on the client)?
| jph wrote:
| Good idea and execution, Eli and team. What are your opinions
| about Transcend Consent Manager and cross-border aspects? E.g. a
| company needs consent that involves laws varying by where data
| originates and where users reside.
| Sephr wrote:
| Transcend Consent Manager currently only supports frontend data
| flow regulation.
|
| Under our current scope, all regulated data originates from the
| user so there is no cross-border aspect to our product at this
| time.
|
| We do plan to eventually expand to server-side runtimes like
| Node.js and Deno. While we haven't explored cross-border
| backend data sharing that much, we can already picture
| integrating these additional aspects with our regulation
| paradigm.
___________________________________________________________________
(page generated 2021-09-09 23:02 UTC)