Introduction
Cookies are used to store data on a visitor's computer or mobile device. Cookies are commonly used and sometimes critical to a website's functionality. Cookies can be used to store large amounts of data, store personal data and track online activity so advertisers can target ads. Because of the negatives that are associated with cookies, regulations have evolved around them. The three most common are:
- California Consumer Privacy Act (CCPA) used in California, Colorado, Utah, Connecticut and Virginia.
- General Data Protection Regulation (GDPR) used in the EU and United Kingdom.
- Quebec Law 25 used in Quebec.
This document is an introduction to get you started using OneTrust's Cookie Consent tool with Brightcove Beacon. Brightcove recommends using OneTrust for your Beacon cookie compliance needs.
The main sections in this document are:
- How OneTrust Cookie Consent works.
- Implementation steps.
- What data is collected?
How OneTrust Cookie Consent works
The end result of setting up OneTrust Cookie Consent is that a banner will appear in the Beacon App for geographic locations you choose. Here is an example of what the banner could look like (taken from OneTrust's site):
When a viewer clicks on the Customize Settings link in the banner, a Preference Center dialog appears. This allows your viewers to customize how cookies behave in their app:
OneTrust welcomes Beacon customers to contact them about the Cookie Consent product.
Overview of implementation process
There are a number of steps to implement OneTrust's cookie compliance with your Beacon app. Here is an overview of that process:
- Create your mobile/CTV application.
- Associate SDKs with the proper categorizations to the App
- Create templates that define your banner and preference center functionality and upload your logo for each template created.
- Create a geolocation rule group, which will act as a container for geolocation rules.
- Create geolocation rules that:
- Define the regions in which the cookie compliance will be used.
- Define the template to be used with the geolocation rule.
- Define other specifications, like how often re-consent will need to be done.
- Assign geolocation rules to the apps created.
- Publish the Mobile App Consent SDK that provide the actual cookie compliance in your Beacon app.
- Supply published SDK to Brightcove's OTT Delivery Team for implementation.
The major sections following in this document lead you step by step through the implementation process.
Create your mobile/CTV application
You first need to create an application to the platform you want to support, such as Android or iOS.
- Log in to your OneTrust account.
- From the Welcome page, click the Mobile app Consent or OTT & CTV Consent option according to the case.
- To start the process:
- In the left navigation, click Mobile apps or OTT & CTV apps according to the case.
- Click Add Mobile App or Add CTV Apps according to the case.
or
- Complete the fields.
- Click Create
Associate SDKs to the App
We are now going to create two SDKs, a performance cookie and a targeting cookie.
- From the Welcome page, click Categorizations.
- Select the SDKs tab.
- Click Add SDK.
- Complete the fields.
- Select the check boxes for the applications to which you want to assign the SDK.
- Confirm and Create
- Repeat the process to create the Targeting Cookie SDK.
Manage Languages
- Open the Template Details screen.
- Click Manage Languages. The Manage Languages modal appears.
Select the checkboxes for the languages you want to enable.
You can select a new default language by selecting the check box in the Default column.
- Save
The multi-language capabilities of Brightcove provide you with the ability to present your content and apps in the native language of your viewers.
Languages supported by Brightcove
- English (en)
- Spanish (es)
- Italian (it)
- French (fr)
- German (de)
- Mongolian (mn)
- Japanese (ja)
- Korean (ko)
- Chinese (zh)
- Russian (ru)
For more details see: Using Multiple Languages
Create geolocation rules
Creating geolocation rules first requires that you create a geolocation rule group. The group will act as a container for the rules you create. The actual geolocation rules define cookie compliance behaviors you wish for different geographic regions.
- To start the process, create a new rule group by:
- In the left navigation, click Geolocation Rules.
- Click Create New.
- In the Create New Rule Group dialog, supply a group name, organization and description.
- Click Create.
- To set the Global rule, start by clicking the edit button.
- Clear the Template input box and begin typing the name of your global template, created earlier, then select it.
- For the Cookie Categories, select Opt-out.
- For Capture Records of Consent change the following:
- Enable Capture Records of Consent
- Set Advanced Analytics to Strictly Necessary Cookies
- Consider checking the Use this consent model if site visitor's IP address is unknown checkbox if this rule acting in a global capacity.
- Click Save.
- To create your first actual geolocation rule, from the rule group details page, click Add Rule.
- You will now create the CCPA rule. The following table provides settings you need to make to be compatible with Beacon. Other changes can be made based on regulations for your targeted geographies.
Form element Value Rule Name Provide a name Regions Select the geo-locations in which the rule should be applied. This can be regions, countries, or states.
For CCPA, you would most likely want to include California, then any other desired regions like Colorado, Utah, Connecticut and Virginia.
Template Choose the template created that was based on the CCPA framework. Cookie Categories Opt-out Capture Records of Consent Enabled Advanced Analytics Strictly Necessary Cookies - Create the GDPR rule. Be sure to supply the following values to insure compatibility with Beacon. Other values can be set as needed to meet other regulations.
Form element Value Rule Name Provide a name Regions Select the geo-locations in which the rule should be applied. This can be regions, countries, or states.
For GDPR, you would most likely want to include Eu and United Kingdom, then any other desired regions.
Template Choose the template created that was based on the IAB framework. Cookie Categories Opt-in Capture Records of Consent Enabled Advanced Analytics Strictly Necessary Cookies - Create the Quebec Law 25 rule. Be sure to supply the following values to insure compatibility with Beacon. Other values can be set as needed to meet other regulations.
Form element Value Rule Name Provide a name Regions Select the geo-locations in which the rule should be applied. This can be regions, countries, or states.
For Quebec Law 25 include Quebec, then any other desired regions.
Template Choose the template created that was based on the Quebec Law 25 framework. Cookie Categories Opt-in Capture Records of Consent Enabled Advanced Analytics Strictly Necessary Cookies - Check to be sure your rules appear as follows, except of course, using your rule names.
Assigning Geolocation Rule Groups to Applications
- In the left navigation, click Geolocation Rules.
- For the Geolocation Rule Group you created, click the ellipses icon and select Assign to Mobile Apps or Assign to CTV Apps according to the case.
- Select the appropriate apps you would like to assign this policy to.
- click Assign.
Publishing OneTrust SDKs
- On the Cookies Compliance menu.
- select SDKs.
Click the link in the Name column for the application you want to edit.
- On the app detail page you can see the SDKs you created earlier and associated with this app and you also can see the ids you will need to provide for the App to function correctly : “Mobile/CTV App ID” and “CDN Location”.
- Select the SDK tab.
Click Publish.
- Select the SDK type Native SDK.
- Enable the Publish individual languages setting to publish them separately. If left disabled, all languages will be published.
- Check the box next to Do you require users to re-consent? setting if you wish to allow users to re-consent.
- Click the View Details link to review any release note updates before publishing to your live production SDK.
- Click either the Publish Test SDK button or Publish Production SDK button to complete the action.
What data is collected?
Data is collected for the these main purposes:
- App behavior
- Analytics
- Ad targeting
The steps above configured your system to address these general purposes:
Data | Use(s) |
---|---|
Geo-filtering | Location services |
Device information (model, type, OS version) | Login, trace actions, analytics, record favorites, etc. |
Ad targeting | Specified ads |
Locale | Number and date formatting, currencies |
App information (name, version, errors) | Reports on versions used, aggregated errors for proactive corrections, etc. |
User navigation and use patterns | Google analytics (navigation patterns), sign ups, count search, page opens, etc. |
Local storage | Persist credentials and login info, user application state, user settings, etc. |
Standards body purpose definitions
The purposes for cookie data collection are very thoroughly defined in the IAB Europe Transparency & Consent Framework v2.0. The definitions can be found in Appendix A: Purposes and Features Definitions of the IAB Europe Transparency & Consent Framework Policies document.
The IAB Europe Transparency & Consent Framework v2.2 defines 11 purposes. The following table displays those used by Beacon.
Purpose | Name |
---|---|
1 | Store and/or access information on a device. |
3 | Create profiles for personalized advertising. |
4 | Use profiles to select personalized advertising. |
7 | Measure advertising performance. |
8 | Measure content performance |
Related Documentation
- Consent management in beacon web.
- Create templates