If you are unaware of the basics of a Consent Management Platform, you can read the first part of the series here. We have covered the following: What is CMP? Why do you need it? is it compulsory? what is the IAB CMP validator? What should you consider about a CMP? Now let’s go further by discussing the best CMPs for publishers.
Sidenote: We aren’t associated with any of the CMPs listed here, and we restricted our list to include the top 6 CMPs. Of course, you can find more that fits your requirements.
Table of Contents
Top IAB-registered Consent Management Platforms (CMPs)
OneTrust is the most preferred CMP among the top publishers at the moment. It works closely with IAB and IAB Europe to support TCF v2.0. Other privacy policies OneTrust supports include CCPA, GDPR, LGPD, ePrivacy, and DAA AdChoices.
- Free version available to help you become GDPR compliant.
- Real-time dashboards to test and report on experiments you’ve conducted to improve opt-in rates.
- Tools to assess security risks related to your site’s third-party vendors (data processors).
- Consent notice based on the visitor’s geography.
- AI for automating regulatory tasks and identifying risks. For example, you can predefine how to respond to requests through a drag-and-drop automation builder. So when a request is submitted in the future, the AI can automatically perform the workflow without any human interaction.
- OneTrust handles many privacy laws, so you do not have to worry about separate policy implementations.
- It supports easy integration with existing tech stacks like Adobe Advertising Cloud, Facebook, FreeWheel, mParticle, Salesforce Audience Studio, and more.
- No code is required to integrate OneTrust for blocking tracking technologies until the visitor consents.
- It provides analysis and insights to help publishers in increasing opt-ins.
Online Privacy laws are one of the raising concerns for publishers. If you’re curious to know more about how to deal with different upcoming and existing data privacy laws, we have made a guide for you!
Quantcast is a renowned name in adtech. In addition to privacy-related solutions, it has other products like audience intelligence tools for publishers and marketing tools for advertisers. You can use Quantcast Choice for GDPR compliance. For CCPA, you have to use Quantcast Choice Premium. For mobile apps, you can use Choice Powered by Kochava and Quantcast.
- Quantcast Choice is free, and you can be GDPR compliant.
- The free plan also supports customization to match the website’s look and feel.
- Mobile apps can be made CCPA-compliant with Quantcast.
- Quantcast supports IAB Transparency and Consent Framework (TCF)
- Quantcast provides a centralized control portal so that all implementation, vendor management, and customization can be done from the same place.
- A single universal tag can be deployed on all your properties.
- It partnered with Kotchava, a mobile-specific analytics/attribution provider, to help publishers implement CMPs on mobile apps.
- Quantcast emphasizes quick integration and claims it can run within 15 minutes across multiple websites.
- Vendors that are not registered with IAB Framework can also be integrated with Quantcast Premium.
- With Quantcast, publishers can also provide a “Deny All” button in the cookie consent form. From the user’s perspective, it eases the opt-out process but may lead to higher opt-outs from a publisher’s perspective. However, you can always not include this button in your form.
TrustArc provides a variety of privacy-related products and services to publishers. Starting in 1997, TrustArc has had a strong foothold in the market. It is considered ideal for large publishers that want a robust solution for many privacy compliance needs.
- Modular platform with tools for every privacy regulation.
- Vendor risk management to assess, evaluate, and track vendor status and report on key compliance metrics.
- Free cookie consent manager.
- Cookie consent notice in various languages according to the visitor’s location.
- TrustArc’s privacy framework is designed to support CCPA, GDPR, LGPD, and more than 900 other global regulations.
- TrustArc provides scalability in privacy management operations for teams of all sizes and maturity levels.
- It offers dynamic privacy intelligence that can inform you about the right privacy requirements based on your business goals.
- It provides you with a request management portal to help you respond, track, manage, and resolve data usage-related requests from users in a timely manner.
Cookiebot is a recent addition to the IAB CMP compliance program. It operates from Europe and provides full compliance with GDPR, ePR, and CCPA. It is a software-as-a-service (SaaS) platform mainly focused on consent management.
- Free version available for small publishers with a single domain and less than 100 web pages.
- Support for single-page web applications.
- Economic pricing (€9, €21, and €37) packages.
- Stores consent data in encrypted form.
- Cookiebot is a cloud-based platform that scales as you grow. It can integrate with any website regardless of the framework used.
- Cookiebot currently supports more than 40 languages for the consent banner so that your website can ask for consent in the right language from the right user.
- The Cookiebot scanner simulates real users on your website; it exhausts all the technically possible options to find all the cookies and trackers working there.
- It can generate a cookie declaration based on the scan it conducts on the website.
- It supports bulk consent for multiple domains, meaning if you operate multiple websites, it will only ask for consent when the user visits your first site for the first time. The user’s consent will then be followed for all the websites.
Crownpeak is best suited for large-scale publishers with diverse privacy compliance needs. It provides a universal consent platform for managing all privacy policies. The main focus of Crownpeak is on user experience; therefore, publishers prioritizing UI/UX can get more out of it.
- Real-time website scan for all first-party and third-party scripts on your site.
- Database of over 6000 companies to show detailed profiles of the data collectors to the users.
- Customizable consent banners to match the look and feel of your website.
- API and App support.
- Crownpeak provides no-code implementation and prebuilt notices for privacy laws like CCPA and GDPR. It makes the implementation process faster and easier.
- It tests and optimizes consent notices to understand what can help increase consent opt-ins.
- API support helps track consent on multiple platforms like web, mobile, email, forms, IoT devices, chatbots, and more.
- Users can choose to provide consent at individual vendor and category levels; it helps provide a granular level of control.
Sourcepoint is another CMP focussed on user experience. It helps you comply with GDPR and CCPA and supports IAB’s Transparency and Consent Framework (TCF) versions 1 and 2. It also enables you to maintain a centralized database of consent records with the help of API.
- Tools to optimize consent management and ad monetization.
- Scans your website to add vendors automatically to your vendor list.
- Identity-based consent to track users across devices so that you are following users’ privacy preferences without asking for them again and again.
- Customizable UI components with the help of CSS and HTML.
- Sourcepoint supports both IAB and non-IAB vendors. So, you can manage them all with a single CMP.
- It provides user-friendly dashboards that help customize consent and monetization strategies for better results.
- Cross-environment compatibility saves time and effort by enabling you to manage consent signals across the desktop and mobile web, including AMP pages, OTT, Android, and iOS apps.
- Sourcepoint maintains vendor-wise records of consent for each user individually to provide enhanced controls to the user.
Every Consent Management Platform will have some common and exclusive features for publishers. Privacy policies like CCPA and GDPR require you to ask for the user’s consent and make you responsible for maintaining and securing the collected data (once the consent is given).
You are supposed to have an accurate audit trail explaining who consented, how the consent was taken, and what was told to the user while the consent was being taken. You should also be able to delete the data or provide it upon the user’s request.
The above-mentioned CMPs are capable of all the arrangements necessary for compliance. But the companies can also offer all the services separately in a modular fashion. You can choose to take all the services from the same company or separate services based on your requirements and integrate them. Assessing your needs before choosing the CMP for your website will always be better.