9 Building a consent management platform

This chapter covers

How collecting use consent became critical
How a consent management platform (CMP) works
A data model and schema for a consent platform
Code structures for consent functionality
Key capabilities that can optimize a CMP
Integrating a CMP into the business workflow

You have seen so far how engineers, technical program managers, and other leaders in lean and fast-paced businesses can address privacy needs for their business and its customers. These strategies include using security tools to protect privacy, classifying and cataloging data, obfuscating it, and deleting it.

Besides protecting data, being transparent about how and why you collect data is becoming critical for privacy stakeholders and regulators. The former include customers, media, and activists, while the latter range from non-profits to governments. This sentiment led to the codification of Data Subject Access Requests (DSARs ), which we examined in chapter 8. This chapter will dive deep into consent management, which is another privacy expectation that is becoming critical for any company that collects and handles customer data.

9.1 Why consent management is important

9.1.1 Consent management and privacy-related regulation

9.1.2 Consent management and tech industry changes

9.1.3 Consent management and your business

9.2 A consent management platform

9.3 A data schema model for consent management

9.3.1 The entity relationships that help structure a CMP

9.3.2 Entity relationship schemas: A CMP database

9.4 Consent code: Objects

9.4.1 API to check consent status

9.4.2 API to retrieve disclosures