I'm Eli, the lead engineer behind this project. I am excited to share Transcend's Consent Manager with you.
Consent management platforms handle the task of complying with the various data privacy laws to ensure that your users privacy rights are respected, and certain forms of tracking emissions only happen with the appropriate informed consent. You may have already seen how bad consent managers can get, with annoying popups blasting you all over the web asking if sites can track your personal data.
The current consent experience is broken. Existing consent management platforms aren't compliant (missing tracking technologies embedded in widgets, fonts, and more), rely on a homepage banners (distracting your users and driving up bounce rates), and compromise site performance (breaking elements on your site or slowing down performance).
Now that all changes – with Transcend Consent Manager, site owners can:
• Move the consent banner down the user journey or ditch it completely
• Enforce and manage fine-grained network-level consent rules in an easy-to-use admin dashboard interface
• Block, quarantine, & replay tracking events cross-session or in-place (e.g. a same-session DOM mutation is replayed or a fetch() promise is resolved).
• Override requests to use alternative domains or enforce privacy rules on parameters, skipping the SDK. (e.g. we can automatically enforce Facebook's LDU parameters, Google Consent Mode, Google Ads RDP, YouTube Privacy Enhanced Mode, etc. with no site changes)
• Privately sync consent & quarantine data across a first-party set of hosts without data ever leaving the browser
I previously announced our closed beta two months ago[1]. Today, we are finally launching general availability! This is a paid service ($39/mo + $12/million sessions) and we offer a one-month free trial for anyone that wants to evaluate our consent manager.
This looks really well executed, and a great idea. Well done!
Kind of unrelated, is it possible to use your open source client encryption library to provide encryption at rest (where the server only receives encrypted data and the key is generated and managed on the client)?
Yes, that use case is supported by our API, although we don't optimize around that. Feel free to submit an issue to the Penumbra repo if you need help using the library!
Good idea and execution, Eli and team. What are your opinions about Transcend Consent Manager and cross-border aspects? E.g. a company needs consent that involves laws varying by where data originates and where users reside.
Transcend Consent Manager currently only supports frontend data flow regulation.
Under our current scope, all regulated data originates from the user so there is no cross-border aspect to our product at this time.
We do plan to eventually expand to server-side runtimes like Node.js and Deno. While we haven't explored cross-border backend data sharing that much, we can already picture integrating these additional aspects with our regulation paradigm.
My problem with a lot of this stuff is: why would a well informed user consent to any of it? If any of the tracking doesn't benefit them, then this whole consent model is just a charade to convince ourselves that we gave them a choice and they made it. Whereas if they had time and energy to think, we know what they would choose: the absolute minimum.
6 comments
[ 0.20 ms ] story [ 23.9 ms ] threadI'm Eli, the lead engineer behind this project. I am excited to share Transcend's Consent Manager with you.
Consent management platforms handle the task of complying with the various data privacy laws to ensure that your users privacy rights are respected, and certain forms of tracking emissions only happen with the appropriate informed consent. You may have already seen how bad consent managers can get, with annoying popups blasting you all over the web asking if sites can track your personal data.
The current consent experience is broken. Existing consent management platforms aren't compliant (missing tracking technologies embedded in widgets, fonts, and more), rely on a homepage banners (distracting your users and driving up bounce rates), and compromise site performance (breaking elements on your site or slowing down performance).
Now that all changes – with Transcend Consent Manager, site owners can:
• Move the consent banner down the user journey or ditch it completely
• Enforce and manage fine-grained network-level consent rules in an easy-to-use admin dashboard interface
• Block, quarantine, & replay tracking events cross-session or in-place (e.g. a same-session DOM mutation is replayed or a fetch() promise is resolved).
• Override requests to use alternative domains or enforce privacy rules on parameters, skipping the SDK. (e.g. we can automatically enforce Facebook's LDU parameters, Google Consent Mode, Google Ads RDP, YouTube Privacy Enhanced Mode, etc. with no site changes)
• Optionally generate dynamic consent-derived Content Security Policies
• Privately sync consent & quarantine data across a first-party set of hosts without data ever leaving the browser
I previously announced our closed beta two months ago[1]. Today, we are finally launching general availability! This is a paid service ($39/mo + $12/million sessions) and we offer a one-month free trial for anyone that wants to evaluate our consent manager.
Transcend Consent Manager is powered by airgap.js, a JavaScript library created specifically for data flow regulation. See the infographic: https://cdn.transcend.io/infographics/airgap.js.gif
Check out the blog post from my previous submission to read about our engineering journey developing Transcend Consent Manager: https://transcend.io/blog/defeating-cookie-banners
I will be available in this thread to answer any questions. Let us know what you think!
1. https://news.ycombinator.com/item?id=27752790
Kind of unrelated, is it possible to use your open source client encryption library to provide encryption at rest (where the server only receives encrypted data and the key is generated and managed on the client)?
Under our current scope, all regulated data originates from the user so there is no cross-border aspect to our product at this time.
We do plan to eventually expand to server-side runtimes like Node.js and Deno. While we haven't explored cross-border backend data sharing that much, we can already picture integrating these additional aspects with our regulation paradigm.