Open source, developer focused & human centric consent management platform.
NOTE: This repository is a public version of the product available here, and previously developed by OrbisLabs. The code is being prepared for its debut into the open source world, however we welcome any votes of interest, please submit a comment or even just a 👍 on this issue.
Whilst exploring the Consent Management Platforms (CMPs) which are available both open and closed source, it was a striking fact that the goal was to drive the highest possible consent / opt-in rates. An article published by Digiday, explained how the publishing group Future, achieved a 95% opt-in rate through the optimisation and usage of dark patterns in their consent modal.
There was no thought given to the soft squidgy animals at the other end of the screen. Therefore this projects main aims are:
- Educate people on data harvesting on the web.
- Provide fine grained controls, over that data.
- Create a dialog between the user and the website owner.
- Achieve this through a pleasent user experience.
To help drive the main goals, we have decided to target the developer community to drive adoption of such tooling and use the community to help understand how best to address the web privacy issue.
Attribution: A “Nutrition Label” for Privacy by Lorrie Cranor
The final goal is to converge on a industry wide nutrition label for privacy.
Below are a list of some open source variants of the CMP, which exist today - most likely this list will be expanded with further information and moved into its own repository.
- IAB Tech Lab Reference Implementation
- Axel Springer - OIL.js
- Segment.io - Consent Manager
- Adledger Consortium - ClearGDPR
Can be found here.
Clone and install the application:
$ git clone https://github.com/ConsentStack/cmp.git
$ cd cmp
$ npm installBuild the application files:
$ npm run build:prodStart the server, we recommend using a process manager such as PM2:
$ pm2 start server/server.jsIncluding the script tag on your website:
<html>
<head>
<script src="//[YOUR_WEB_SERVER]/cmp" id="pluto-cmp-js-src" client-id="[CLIENT_ID]" async></script>
</head>
</html>To get a feel for the application, you can find the usage documentation located here.
Coming soon...
The below outlines from a very high level the aspirations of this project to make it a solution which will fit any website. Initially this project began as a closed source and cloud hosted solution, I am hoping to lean on the community for direction in design of a generalised, composable consent stack for developers.
A primary task for this project would be to separate the various logic for consent framework(s) and the UI element, to allow for developers to build their own UIs using any library or framework, or directly apply into their own website privacy pages.
The current UI is implemented using code split via import() and Vue.js, meaning the logic can run and not request the heavy UI files.
A simple illustration:
import Cmp from 'consentstack-cmp';
const cmp = new Cmp(config);
cmp.setConsent(consentObject);To save everyone writing CSS, it would be great to allow the publishing of UI themes into a central place for others to consume.
# install the core library
$ npm install consentstack-cmp
# install the open sourced visual theme
$ npm install consentstack-cmp-theme-darkThe IAB have created the Transparency and Consent Framework - which has many flaws:
- Heavily reliant on cookies
- Uses wording hard to decipher for non-techies
- Aims to gather high rates of consent
- etc
Google is also working on a framework and exposes some APIs into this as are other projects:
This roadmap item is focused on allow the community to plugin new frameworks to allow full interoperability.
A singe source of truth for consent receipts could convert this project from an application into a public utility.
More to come...
Allowing users to set settings to stop annoying popups.
You are welcome to fork the project and submit pull requests to the master branch. More detailed instructions for developers alongside first issues are coming soon!
The ConsentStack CMP is freely distributable under the terms of the MIT License.