Reworking the Planet 4 consent mechanism

Why complying with the highest privacy standards is ethically, legally, and morally the right thing to do

Julia M
Planet 4
7 min read · Nov 18, 2021


Web analytics play an important role in digital engagement. They help us to better understand our supporters and provide insights that can be used to drive more impact with our campaigns.

However, the (too often unethical) use of behavioural data and users’ private information by the big tech companies drew the attention of society and governments to the vulnerability of online privacy.

To tackle that, browsers have been deploying a series of measures to prevent tracking and profiling of users across the web, and legislators have been tightening privacy laws to ensure the protection of users’ rights. These changes, along with people’s increasing awareness, require a fundamental change in how we work with web analytics:

“Greenpeace holds an ethical responsibility to respect supporters’ data and honour their choices by championing privacy and data security” — Ibrahim Elawadi on Web Analytics 3.0

Abiding by privacy regulations is not only a moral and ethical obligation. For non-profits, it is also a serious need: it keeps their website users from sharing data with ad trackers, which will ultimately use their attachment to the cause for marketing initiatives.

For Planet 4, the journey to provide an enjoyable web experience while protecting the privacy of our users started in 2019, but if we want Greenpeace to seriously lead by example, we need to evolve our setup further and make sure we are collecting only the data that is critical to our mission and with full acknowledgment and consent from our websites’ visitors.

A 5 min intro on what all this is about

Our current problems

Back in 2019, after an external evaluation of the legal risks, we opted for a setup based on first-party cookies that would allow us to read users’ consent preferences and control which 3rd party services would be fired from inside Google Tag Manager.

We made that decision because we decided to accept the risk of tracking users anonymously before consent, and applied additional measures to make sure all other advertising and marketing features were blocked.

Google Analytics behaviour on the greenpeace.org/international/ website

What was acceptable in 2019, however, is nowadays no longer ethical, as this setup does not abide by the two main principles we are now following:

  1. avoid unnecessary fingerprinting (profiling) of the supporters with third parties, and
  2. honour the choice of our supporters by requiring explicit consent before placing any type of cookie.

What the 2021 review is obliging us to do

In September, Greenpeace International’s Insights team investigated the latest changes in privacy legislation around the world and made some recommendations about whether or not we needed to change our existing cookies setup or (more broadly) the whole consent mechanism on our websites.

We uncovered a few principles from GDPR and the ePrivacy Directive that concern the use of cookies on websites, what kind of information we should display to end-users, and when user consent is a necessary requirement.

In a nutshell, today, to comply with these regulations, every website must:

  • Receive users’ consent before using any cookie (except the strictly necessary first-party cookies, which are cookies considered essential for the use of the platform)
  • Allow users to access your service even if they refuse the use of certain cookies.
  • Make it as easy for users to withdraw their consent as it was for them to give it in the first place.
  • Provide accurate and specific information about the data each cookie tracks and its purpose before consent is given.
  • Document and store consent received from users.

There’s no negotiation on this. We must adjust our setup for all Planet 4 websites.

[credits: iStock]

The solution: a full rework of the consent mechanism in 4 parts

Introducing a plugin or a new setting will not be enough. We need to rework the entire consent mechanism, to make it bullet-proof and safe for our users to keep enjoying our content.

Part 1: Auditing the cookies

First, we had to fully understand which category the cookies we are firing in Planet 4 belong to. By auditing our websites, we made clear distinctions between:

  1. Necessary cookies — First-party cookies used to store information about users’ consent preferences, hide the cookies bar, and store the last Planet 4 website visited.
  2. Analytical cookies — Any cookies from tracking and analysis tools used to collect statistical and anonymised data. These could be from Google Analytics, Hotjar, or similar 3rd party companies.
  3. Marketing cookies — Any cookies which may also be used to serve advertising to users after they have left our sites (retargeting cookies). These could be from Facebook, Google Ads, or similar 3rd party companies.

The main difference here is that analytics cookies no longer fall within the ‘strictly necessary’ exemption, meaning that we must tell people about analytics cookies and gain consent for their use.

The new cookies setup, abiding with the latest consent mode

To do so, we implemented a new checkbox on the Planet 4 Cookies Block to allow users to accept/deny analytics cookies. The new checkbox is optional and can be enabled on the Planet 4 Cookies Settings by the site administrator (Admin > Planet 4 > Cookies).

Part 2: Implementation of Google’s Consent Mode

Google’s Consent Mode will allow us to actually respect the choice of users to accept analytical cookies. When enabled (on WordPress > Planet 4 Settings > Analytics), the consent mode will immediately start working with all Google’s tags implemented through GTM.

⚠️ PLEASE NOTE: As users explicitly have to give their consent, this will likely cause a big decrease in the traffic data collected in Google Analytics on most of our websites.

We are now evaluating such an impact on the Greenpeace International site and will come back with an evaluation, but we should be ready to accept this risk in favour of our users’ privacy. If you want to get started, check our documentation in Gitbook.

All the scenarios of the new setup using Google’s Consent Mode
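
The consent flow from Parts 1 and 2, sketched as an added example (not Planet 4's own code): Consent Mode starts with analytics and marketing storage denied, and only a stored or newly given choice updates it. The cookie name `example_consent`, its comma-separated value format and the category-to-storage mapping are assumptions; `gtag('consent', ...)`, `analytics_storage` and `ad_storage` are Google's Consent Mode command and keys.

```javascript
// Added example, not Planet 4's code. Cookie name and format are hypothetical.
const CONSENT_COOKIE = 'example_consent';
const OPTIONAL = ['analytics', 'marketing']; // categories that need consent
// Return the set of accepted categories from a document.cookie-style string.
// Constructed format: example_consent=analytics,marketing
function readConsent(cookieString) {
  const accepted = new Set(['necessary']); // exempt from consent, always on
  for (const pair of cookieString.split(';')) {
    const idx = pair.indexOf('=');
    if (idx === -1 || pair.slice(0, idx).trim() !== CONSENT_COOKIE) continue;
    let value = '';
    try {
      value = decodeURIComponent(pair.slice(idx + 1).trim());
    } catch (e) { /* malformed value: treat as no consent given */ }
    for (const cat of value.split(',')) {
      if (OPTIONAL.includes(cat)) accepted.add(cat); // ignore unknown names
    }
  }
  return accepted;
}

// Assumed mapping: analytics -> analytics_storage, marketing -> ad_storage.
function toConsentState(accepted) {
  return {
    analytics_storage: accepted.has('analytics') ? 'granted' : 'denied',
    ad_storage: accepted.has('marketing') ? 'granted' : 'denied',
  };
}

// gtag() bound to a dataLayer array (window.dataLayer in a browser).
function makeGtag(dataLayer) {
  return function gtag() { dataLayer.push(arguments); };
}

// Run before the GTM container loads: deny by default, then apply a stored choice.
function initConsent(dataLayer, cookieString) {
  const gtag = makeGtag(dataLayer);
  gtag('consent', 'default', toConsentState(new Set()));
  const accepted = readConsent(cookieString);
  if (accepted.size > 1) gtag('consent', 'update', toConsentState(accepted));
  return accepted;
}

// Called when the user changes or withdraws a choice in the cookies block.
function updateConsent(dataLayer, categories) {
  const state = toConsentState(new Set(categories));
  makeGtag(dataLayer)('consent', 'update', state);
  return state;
}
```

In a browser, pass `window.dataLayer` and `document.cookie`, and call `initConsent` before the GTM snippet runs.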

Part 3: Reviewing the privacy policy

As a logical consequence, the Privacy Policy of the International site had to be updated to reflect the new cookies setup.

We updated the list of all cookies, which now includes, for each cookie, a description of its purpose, its expiration date, and the category it falls into. We also edited the section “Use of Google Analytics” and changed the description of the performance and marketing cookies.

The new cookies block setup, with the 3 types of cookies clearly differentiated for users to express/withdraw consent — from greenpeace.org/international

Part 4: Iterating on the cookies banner design

The last step of this new setup is a full redesign of the cookies banner users will see on our websites. We took the redesign of the bar brought in by the P4 design systems as a chance to embed the new consent mechanism while deploying it.

In the first iteration, a cookies consent box will slide in from the bottom right corner of the page.

Prototype of the new P4 Cookies Banner — from the P4 design Systems

But we want to go one step further and make it easier for our supporters to customize their cookies preferences, from within the same page. Users will be able to click on “change your cookies settings”, read the description of each cookie category, and decide which ones they’d like to enable/disable.

Customization of cookies preference within the new P4 cookies banner — from the P4 design Systems

What’s next?

While the ongoing tests on the International Greenpeace website will clarify the actual impact on the data we can extract (will there really be a decline as people do not accept analytical cookies?), the idea is for all National and Regional Organizations (NROs) to go through the cookie audit and the privacy policy update (steps 1 and 3) within the next 3–4 months.

Regardless of the country a Greenpeace National / Regional Organisation (aka NRO) operates in, Greenpeace should champion the privacy of our supporters above all benefits. We are a campaigning network, and many of our supporters are activists who care deeply about privacy and security. It’s only fair that we do our part on the web experience as soon as possible.

Should you be willing to give direct feedback, a message to the Planet 4 team or a thread in #web-analytics is always a good choice!

🍪 🧘🏿 ☮️
