Consent Handling

Rational

Why is consent handling becoming even more important? The short and the long answer is GDPR. When third-party content is included in a liveblog, if consent handling has not been enabled, the reader’s data is being unknowingly or unwillingly transmitted to the social media platform. That’s why it’s a topic that every platform or news site has to think about. Luckily our liveblog product provides several consent handling options to our partners so that they can choose which solution best fits their needs. While the first option is not recommended for most cases, the other points allow for flexibility with regard to compliancy.

With the Embed JS there are five main options when it comes to third-party content that is being embedded into the liveblog.

1. Integrated consent handling
2. Enable/Disable all Web Embeds without consent handling
3. Enable/Disable specific Web Embeds without consent handling
4. Integrated custom consent handling

Choosing the right option

The integrated consent handling 2-click switch is not only the easiest but also the fastest solution for keeping liveblogs reader-friendly and GDPR compliant.

1. Integrated consent handling

This is the default setting. It enables a small switch to be shown that allows readers to select which platforms may display content in the liveblog. Unless actively enabled, we will only show a GDPR-compliant preview of the tweet, post, or video.

<tickaroo-liveblog
  liveblogId="5f47bdba2a03d3abfab3c607"
  clientId="5c99e3358dce8c729e697547">
</tickaroo-liveblog>

2. Enable/Disable all Web Embeds without consent handling

Using the webEmbedDefaultConstraint parameteror on the tickaroo-liveblog tag you can force enable or disable all web embeds.

2.1 Always Enabled

This does not conform to the GDPR without further measures!

<tickaroo-liveblog
  liveblogId="5f47bdba2a03d3abfab3c607"
  webEmbedDefaultConstraint="full"
  clientId="5c99e3358dce8c729e697547">
</tickaroo-liveblog>

2.2 Always Simplified

This fully conforms to the GDPR without further measures!

<tickaroo-liveblog
  liveblogId="5f47bdba2a03d3abfab3c607"
  webEmbedDefaultConstraint="simple"
  clientId="5c99e3358dce8c729e697547">
</tickaroo-liveblog>

2.3 Completly disabled

Web embeds will not be shown at all!

<tickaroo-liveblog
  liveblogId="5f47bdba2a03d3abfab3c607"
  webEmbedDefaultConstraint="hide"
  clientId="5c99e3358dce8c729e697547">
</tickaroo-liveblog>

3.Enable/Disable specific Web Embeds without consent handling

Instead of enabling/disabling all embeds at once, it is also possible to do it for a specific provider. For example, you can disable third-party embedded content from YouTube but enable content from Facebook. Third-party embedded content that is not defined in webEmbedConstraints will be handled with the default setting. This option can be set on the tickaroo-liveblog tags.

A JSON Object with key/value pairs has to be suppliedfor that. The following example illustrates the possible values.

{
  "Gfycat": "full",
  "X": "simple",
  "Facebook": "consent",
  "Instagram": "hide",
  "dpa-webgrafik": "consent",
  "dpa-electionslive": "consent",
  "Apester": "consent",
  "Brightcove": "consent",
  "Datawrapper": "consent",
  "Infogram": "consent",
  "Glomex": "consent",
  "Opinary": "consent",
  "SoundCloud": "consent",
  "Spotify": "consent",
  "TikTok": "consent",
  "Vimeo": "consent",
  "YouTube": "consent",
  [iframe-domain]: "consent" // For generic iframes, the domain of the iframe will be used
}

• full will always load the full widget and is not GDPR confrom without further measures
• simple will always display a short summary and is GDPR conform
• consent will show a short summary but allow the user to load the full widget
• hide will not display the embed at all

In HTML you can specify as many or as few as you want. All other embeds will fall back to the default setting.

<tickaroo-liveblog
  liveblogId="5f47bdba2a03d3abfab3c607"
  webEmbedConstraints='{"Twittter":"simple"}'
  clientId="5c99e3358dce8c729e697547">
</tickaroo-liveblog>

The integrated consent handling 2-click switch is not only the easiest but also the fastest solution for keeping liveblogs reader-friendly and GDPR compliant.

4. Integrated custom consent handling

Using the customerConsent parameter on the tickaroo-liveblog tag you enable your own custom consent handling. A boolean has to be suppliedfor that.

When the customerConsent parameter is added, there is an event "tickarooLiveblogCustomConsent" dispatched on click of the consent toggle button.

When your code successfully handles the custom consent provided by your code, you can just execute event.target.setConsent(event.detail.provier, true) on the "tickarooLiveblogCustomConsent" event.

If your code handles the consent with and error you don’t need to do any more actions.

Example of implementation

<tickaroo-liveblog
  id="ticker1"
  liveblogId="5f47bdba2a03d3abfab3c607"
  clientId="5c99e3358dce8c729e697547"
  customerConsent="true">
</tickaroo-liveblog>

Javascript

// Recieve a dispatched event
const tickarooLiveblogCustomConsentEvent = "tickarooLiveblogCustomConsent";
const tickarooLiveblogCustomConsentSuccessEvent =
  "tickarooLiveblogCustomConsentSuccess";

const handleCustomConsent = (event) => {
  // ...
  // ...Your code...
  // ...

  if (consentResult === true) {
    event.target.setConsent(event.detail.provider, true);
  }
};

document
  .getElementById("ticker1")
  .addEventListener(tickarooLiveblogCustomConsentEvent, handleCustomConsent);