DEV Community

Joel Kang
Joel Kang

Posted on

Protect your website users' privacy in a few simple steps

Have you ever been to a website only to be shown ads for something you were searching for a few days ago on a completely different site? No matter where we go, we can't seem to escape a few big companies following us around the web, knowing exactly who we are and what we've been doing on the web.

Recent regulation like the CCPA and GDPR aim to protect the privacy of web users by requiring websites to collect the consent of their users before collecting and sharing personally identifiable data.

Unfortunately, there's no silver bullet for protecting your user's privacy (yet), and adhering to these long legal documents is complicated and non-trivial. Technology has yet to keep pace with the changing privacy and legal landscape, even though this is changing.

Because we believe that a more private Web is one that's better for everyone, my company,, has just launched something we like to call Contextual Consent.

Contextual Consent

The main way that websites follow you around the Web is by setting cookies in your browser that identify you. Scripts from those websites that then get embedded on other websites (e.g. Google Analytics, Facebook's SDK etc.) can then read those cookies and figure out that I'm the same person who was searching for summer vacations in February. This is one of the biggest reasons why getting rid of third party cookies in a way that still supports ad-driven business is one of the next frontiers of the web.

Contextual Consent

We've thus built a way to help you prevent third party scripts from running, and thus reading your users' cookies, until they give consent. But unlike traditional cookie solutions, we don't throw up a massive modal or an ugly banner on your website. Instead, we block the scripts in-place, and render a small preview of the blocked element so that your users know exactly why, where and to whom their cookies to be sent when they give consent.

See it in action

In this Codepen, I've copied the quick start snippet from here into the <head> and, immediately, Metomic is already automatically blocking the Facebook Like button and the YouTube video. I then added a simple example to show how to block a third party script from being downloaded and run by adding a few attributes to the <script> tag.

I've also added a button that lets you revoke your consent for running these third parties. Since your consents are all stored in LocalStorage, Metomic has no idea who you are, and what you've consented to.

Are you tracking me?

User's consents are stored locally in the browser, so Metomic doesn't know who a user is. All we do is anonymously report back to our servers whether a consent or decline has been made so that we can show the website owner some statistics about their opt-in rate. We also fire anonymous behavioural tracking calls to our own servers to understand how the widget is being used, but none of that can be tied back to you.

Okay, I want to make the web more private

To try Contextual Consent on your website, get the quick start snippet from here. If you want more fine-grained control over how to block and placeholder third party scripts, follow our Quick Start guide.

Like this idea?

Give us a 👍🏻 and a 📣 on Product Hunt

Discussion (0)