Support for CCPA opt-outs #24910
Comments
/cc @ampproject/wg-analytics |
@jeffjose is looking into this from the requirement point of view. |
Hi @darobin, Thanks for starting this thread, and your detailed analysis on what's possible with AMP today. You're right -- we can have better controls to support CCPA in AMP. We're kicking off an initiative to support CCPA affordances in AMP. We intend to give publishers such as yourself the mechanisms needed to have AMP pages compliant in 2020. I'll update this thread when I have more details to share. |
Hi @jeffjose, thanks a lot for getting back to us! I hate to bug you but do you have a few more details beyond "in 2020"? The law comes into effect Jan 1st and we need time to adjust the code, test, deploy before that. Thanks! |
Normally I'd shy away from giving deadlines, but optimistically we're trying to get a solution out by Nov 2019. Hopefully that gives you enough time to update your pages, test and deploy them. |
@darobin I pinged you on slack (amphtml.slack.com) with a question. Would you mind popping over there and taking a quick look? |
Yup! And we met a few weeks back as well.
On Sun, Nov 3, 2019, 11:34 PM Tobie Langel wrote:
@jeffjose, @darobin: were you able to catch up on Slack?
November is already upon us!
|
That's great to hear. A summary of those conversations here would be useful to the community at large. :) |
For sure.
We're still finalizing the design and once we have that locked down, I'll
share an update here. The gist of the meeting was talking thru how NYT was
thinking about CCPA which won't be super-interesting to the wider community.
|
We have mostly rehashed what is in the issue and ruled out alternative options. We're looking forward to seeing how that translates to implementation. For clarity though, this is not an NYT issue, this is an issue for essentially everyone running AMP. @jeffjose You were asking about the actual enforcement date, we have received confirmation from the CA DoJ that it will indeed be Jan 1st. |
Are there any reasons for this process not to happen in the open?
This is an issue that’s affecting pretty much everyone in the industry. Of course understanding how you're thinking about solving it is important to the wider community. It’s on the AC agenda today, for example. As a rule of thumb, it’s safer to broadcast what’s going on and allow the community to decide what’s of interest to them rather than to make assumptions about this. Designing in the open is also a much better strategy to gather broader input and get more external contributors involved. |
Good point on sharing the design ideas in the thread and getting feedback. Thank you @tobie for the suggestion. Two major challenges we are facing: Challenge 1: opt-out. Challenge 2: Handle multiple consents. Ideas, feedback and requests are very welcome! |
/cc @ampproject/ac: if you're representing constituencies affected by CCPA opt-out requirements, please chime in. Thank you. |
Also adding @MelSumner, @TedShuter, @aghassemi, @mjwettergreen, @jervay, and @msteffan (who I just realized weren't added yet to the @ampproject/ac team). |
Hey, chiming in from the perspective of The Washington Post: We really need this ASAP. Thanks. |
@AramZS do you have feedback on the two challenges @zhouyx listed in #24910 (comment)? |
With respect to the two challenges that @zhouyx outlines:
|
Responding to @tobie as requested:
Challenge 1. opt-out
I agree with what is said above, we need to be able to have consistency in the opt-outs across platforms. If a user has opted-out on washingtonpost dot com, arrives on a WashPost AMP via Search and that AMP has
I think it would be reasonable to no longer 'phone-home' for that opt-out's status once it is set and sent to our API. If we want to find the most performant option, a solution might be: once the user's opt-out is registered and for as long as it is persistent in the AMP Viewer's storage the opt-out is the user's assumed state without an additional phone-home on each load. However, we'd want to register changes in that status so an async call to a publisher-based endpoint on every AMP view after the load to check if logged-in users have retained their opt-out status since the last AMP visit would be required.
Challenge 2: Handle multiple consents.
I agree this is a decision best made by checking the AMP Reader ID against our database. However, I'm not sure what situation would be the case in which there are multiple relevant consents. That said, as @darobin notes, Further, I'm not sure how it would work with More than the very specific question of CCPA vs GDPR we should assume more processes that have their own compliance parameters are likely to surface in the US and abroad and any system should be able to support not just two, but many potential consent situations.
Additional questions:
Beyond this question: AMP will also need to implement the IAB Consent Framework regardless of the state of consent, we will need to indicate that the CCPA IAB Consent framework is active, that we have displayed a compliant opt-out prompt and if the user has opted-out using their framework. We will also need that framework to explicitly signal that a user is not eligible for the opt-out process when they are outside the CCPA compliance area. The consent string of This work is required to be complete by January 1 2020. Our team has also determined this will indeed be the enforcement date. EDIT: Also: this will need to work in AMP Stories. |
QQ on the opt-out: if a one-time-off sync between localStorage and server storage is provided, such that AMP will use the locally stored value and then ping the server to update the stored value, is this approach acceptable? Thanks. |
Another option we have considered is pure iframe based. That the |
I think that using the locally stored value as a cache for the real value is acceptable, but in that case I would tend to think that it would need to be relatively short-lived (and predictable). I am not sure: what is the value in using an |
In this case an API to update the local cached value can be provided. The local cached value can be updated every time the user visits the site, and the updated value will be used the next time the user visits the site again.
I agree that an iframe seems to be heavier. I proposed iframe instead of a CORS request because of four reasons.
However, we're only exploring the MVP solution right now. If the local storage one-time off solution is good with everyone, I would still propose the client side solution for MVP. Thank you |
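The "locally stored value as a cache, synced with the server after load" idea discussed in the comments above can be modelled as below, which makes the one-page-view lag visible. This is an added example, not code from the thread or from AMP; the function names, state strings and one-day cache lifetime are assumptions, and the timeline is constructed.

```javascript
// Added illustration; every name here is hypothetical, not an AMP API.
const MAX_AGE_MS = 24 * 60 * 60 * 1000; // assumed cache lifetime (one day)

// State the current page view runs with. Reads only the local cache, so it
// never blocks rendering on the network.
function stateForPageView(cache, now) {
  if (!cache) return 'unknown';
  // Assumption: a cached opt-out stays in force even when stale, because
  // silently dropping it would resume the sale of data.
  if (cache.state === 'opted-out') return 'opted-out';
  return now - cache.storedAt > MAX_AGE_MS ? 'unknown' : cache.state;
}

// After load, the publisher endpoint's answer replaces the cache. It only
// affects the NEXT page view. A failed request (null) keeps the old entry.
function cacheAfterSync(cache, serverState, now) {
  if (serverState === null) return cache;
  return { state: serverState, storedAt: now };
}

// Replay visits: each entry is the time and what the server would answer.
function replayVisits(visits) {
  let cache = null;
  return visits.map(({ at, server }) => {
    const used = stateForPageView(cache, at);
    cache = cacheAfterSync(cache, server, at);
    return used;
  });
}

// Constructed timeline: the user opted out on the publisher's own site
// before the first AMP view, and opts back in before the fourth.
const HOUR = 60 * 60 * 1000;
const timeline = [
  { at: 0, server: 'opted-out' },            // first AMP view, empty cache
  { at: 1 * HOUR, server: 'opted-out' },     // cache now holds the opt-out
  { at: 2 * HOUR, server: null },            // endpoint unreachable
  { at: 3 * HOUR, server: 'not-opted-out' }, // user re-enabled on the site
  { at: 4 * HOUR, server: 'not-opted-out' },
  { at: 40 * HOUR, server: null },           // stale entry, endpoint down
];
console.log(replayVisits(timeline));
```

The first and fourth views run with the previous state, so a page that sees 'unknown' has to decide on its own how to treat the user until the sync completes.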
@AramZS and @darobin Can I please get your feedback on the client side one-time off storage solution. The config will be something like:
|
@zhouyx thanks for the proposals. Could you explain a bit more about the geo detection for both proposals? |
Sure. AMP will continue to provide geo detection for EEA through |
@zhouyx Just to be clear, the Also, would the consent screen be able to trigger at different times for the EU and CA users? EU users need an immediate prompt, but CA users would be expected to trigger the opt-out process. Would we be able to specify a response to user initiated opt-outs via the API-based approach? (like 'You are not in CA so this does not apply')? |
I wanted to update this thread with our current technical understanding of how we expect the IAB Framework to be implemented. The IAB spec is still a draft, so there may be changes there, but I expect this methodology will be close to the version we have Jan 1. We're building our implementation off this understanding of the framework and we would anticipate that AMP's would work similarly. https://github.com/AramZS/IAB-CCPA-Framework-Implementation-Notes Please let me know if you spot any issues or errors or places where your understanding of the framework implementation would differ so that we can be aware of that in advance. |
That's correct
Yes we have that in mvp scope
Details are still under discussion. But we haven't included this design for this requirement yet. |
We will cover this topic in today's design review that's happening in one hour. #25082 |
Thanks for the feedback from the design review. Here's the design doc. We've come down to proposal #1 or #2. Please let us know what your idea is on the MVP design. Thank you! |
Please also find minutes from the design review here: #25082 (comment). |
Hi all, Thanks for joining the discussion in this thread and yesterday. After several rounds of discussions, the AMP team is leaning towards an iframe based solution for all future regulations support. There were a few good points raised by you
I've updated the design doc to include the short-term design. Please let us know if this works for you. We are looking to start implementation right after we get a green light from all of you. Thank you. |
We have a cleaner spec out here. Questions are welcome. |
@lannka is the intent of the To confirm: we would be sending a It appears from the existing documentation that the I am unclear on how this process would work via user initiation in the case of CCPA. For GDPR we needed a consent wall, but for CCPA we want the user to initiate the opt-out. Is there a way to tell the element to trigger in some other way than on-load? I saw some mention of that in the documentation, but not a clear methodology. (For example, if we needed to design and implement a trigger link for the user to initiate opt-out, I'm not sure how to do that from your document.) Finally, I do have a concern about assuring that AMP extensions respect the |
@AramZS thanks for reviewing the spec. For CCPA integration, you basically need 4 things:
(1) amp-consent config
(2) server endpoint
note that
(3) opt-out flow
(4) data-block-on-consent
Let me know if you have further questions. |
FYI, the work is tracked here: #25623 Given the tight timeline, I suggest whoever wants to integrate can independently start the server endpoint work as listed in (2) & (3). |
Our team is good with this approach and we have started to plan implementation. As a heads up, the IAB has released a finalized version of their spec. I have updated my technical documentation as a result, you can see changes at: https://github.com/AramZS/IAB-CCPA-Framework-Implementation-Notes/pull/1/files |
FYI, the new spec has been implemented and deployed to dev channel for testing. Let us know how it works. There is one known issue, to be fixed soon: #25856 (update: already fixed) |
@lannka Awesome. Where/how should folks report issues? |
Filing separate issues would be preferred. Unless it's very relevant to this issue. |
Hi @lannka, we've implemented the steps you've outlined here and were wondering if you see anything wrong with our implementation. If it would be better to open a separate issue, let me know but seemed relevant. We're testing on the dev channel within canary and our code looks like the following: Geo Config:
Consent Config:
Our amp-ads are tagged with: We do see the AMP consent ui trigger for EU users, however it does not appear that the call is being made to our server endpoint at |
@baconjulie could you try:
The new syntax is here: https://github.com/ampproject/amphtml/blob/master/extensions/amp-consent/amp-consent.md#consent-configuration /cc @zhouyx @micajuine-ho |
Hi @baconjulie, just to echo what @lannka said: We also recommend migrating your inline config to the newest version outlined in the spec above. Please let us know if you have any other questions! |
Hi @micajuine-ho @lannka I just tried this locally and it appears to make the call while still showing the consent ui for EU. Thanks a lot, appreciate your help! |
@baconjulie you will need to override the
|
Describe the new feature or change to an existing feature you'd like to see
On January 1st, 2020 the CCPA comes into effect. One of the provisions of the law is that residents of California must be granted the ability to opt out of their data being sold. It is not immediately clear how to implement such functionality in AMP. Having looked at various approaches, at least the following items are potential issues or blockers:
- amp-geo only works at a country level; in order to offer California-specific affordances (for those who choose to implement it that way) it would require the ability to also provide US state-level results (for instance by placing a separate state-specific class).
- amp-consent instance on page, so anyone already using amp-consent for other purposes, typically GDPR, cannot also use it for CCPA. (CCPA is an opt out mechanism, but this could be represented through a consent affordance triggered by a button, on which the options are reject and close). amp-consent was designed to support multiple instances but that seems to have never been implemented.
- amp-analytics and amp-ads seem to support opt-in behaviour whereby they are off until an amp-consent is agreed to, but they do not seem to support opt-out behaviour in which they run until an opt out is effected (equivalent to an amp-consent reject) at which point they can be selectively disabled or modified. They would need to support that behaviour.
- amp-ads does not currently appear to have the ability to pass the IAB flag to signal opted-out users.

Given the short time frame remaining, we would appreciate reassurance that the AMP team intends for it to be possible to run AMP legally in 2020.
Describe alternatives you've considered
We have tried to hack this together every which way and it does not seem possible to make it work.