New AMP features announced for geotargeting content, as well as some GDPR support
The Accelerated Mobile Pages project released a new 'amp-geo' component and full support for the 'amp-consent' component which may help some publishers address GDPR compliance
Google’s AMP (Accelerated Mobile Pages) team has announced a new component that enables users of the mobile-optimized framework to target content to site visitors based on their locations. This new “amp-geo” component allows content to be served dynamically based on the visitor’s country, inferred from the IP address.
The AMP project has been regularly adding features since the framework launched over two years ago, including expanded support for analytics, advertising, forms, interactive/video (particularly via the Stories format), as well as more flexible layout and menu options.
This new component will be particularly useful to site owners that target content or products to multinational customers. It enables greater control over not just language options (see the example below of “soccer” vs. “football”) but also visuals — images, branding and so on.
Implementing the amp-geo component is pretty straightforward. From the announcement:
1. Include the amp-geo script:
2. Include the amp-geo tag:
3. Mark up your document with CSS to alter content based on the user’s approximate location:
The team also announced the ability to extend this location-based dynamic content display using groups — whereby many countries can be specified for single dynamic content display in the amp-geo tag via the ISOCountryGroups key, with likewise straightforward implementation:
1. As above, include the amp-geo script in the of your document.
2. Instead of just including an empty amp-geo tag, configure ISOCountryGroups to reduce the amount of code you have to write to specify behaviors across multiple locales.
3. As in the previous example, mark up the document with CSS to alter content based on the user’s approximate location:
More detailed information on using amp-geo, ISOCountryGroups and amp-bind integration of both can be found here.
AMP and GDPR
The AMP project team also recently announced the full release of new tools that enable sites to implement user controls aimed at capturing data tracking and usage consent from visitors. These new tools are conveniently released in advance of the looming GDPR (General Data Protection Regulation) compliance deadline, which is May 25, 2018. The group had first indicated these new controls were coming back in early April.
If you’re unfamiliar with what the GDPR lays out and how you or your clients may or may not be impacted, our sister site, MarTech Today, put together a terrific primer — “MarTech Today’s Guide to GDPR — The General Data Protection Regulation” — that you can download for free here.
GDPR requires consent to be obtained from any EU citizen visiting a site that collects personal data on that citizen. Having the ability to capture and store consent is critical — and an even greater challenge for anyone using the AMP framework, with its more limited feature set and capabilities. Utilizing a single consent-gathering framework across non-AMP and AMP introduces an additional layer of complexity for webmasters — as most sites supporting the mobile-targeted framework maintain two versions of their pages, and very few have migrated to all website pages being AMP-only.
To begin to address these issues, the AMP project released the amp-consent component. Utilizing this component, sites can capture consent from users for (a few) specific data tracking actions, assisting site owners needing to comply with new GDPR and/or other privacy regulations. Implementing the amp-consent component will vary depending on your consent gathering needs, thus you’ll want to review the component spec in its entirety, and thoroughly understand the options currently available.
To make it easier to get started with amp-consent, the AMP project gives three full code examples for webmasters to test:
- Basic User Consent Flow — utilizes a traditional modal to notify users of data collection and obtain a single opt-in (or -out) for all.
- Advanced User consent Flow — enables opt-ins for specific actions.
- Geolocation-based Consent Flow — used in conjunction with the amp-geo component to target visitors from specific countries.
The screen shots below illustrate how the consent for a few of the different examples provided surface in the AMP UI:
In a post on his site, SEO Christian Kunz questions whether GDPR-compliant usage of AMP is actually possible. I reached out to [our publisher] Third Door Media’s GDPR consultant, Kristina Podnar, to discuss the issues Kunz raises and the challenges of being GDPR-compliant on the AMP framework.
Podnar emphasized understanding the difference between who is a data processor versus a data controller, a critical distinction in compliance. Data controllers (i.e., site owners) collecting data are required to obtain user consent; data processors are not necessarily. With AMP, if the site is served from Google’s cache, the question is whether Google is merely processing user data (IP addresses for example) or is also acting as a controller of that data (storing it in any way) while serving users an AMP site. In the AMP cache scenario, it does not appear that Google is a data controller.
It’s also important to note that due to the current limitations of the component, GDPR-compliant consent can only be captured in circumstances where a site needs to obtain consent for a single use of data being collected (e.g., via cookie, tracker). This is because GDPR requires that specific consent be gathered for each individual use of data being collected (for analytics, for ad serving, for a CRM and so on). Neither of the implementation examples allows for such opt-ins to be obtained. In particular, the “basic” example with a list of uses rolling into a single consent action is not compliant. Each list item would instead need to be an open checkbox where the user could opt-in per item.
The AMP team has indicated that they are working on adding support for more specific consent gathering, but as noted in this comment, two weeks ago, from AMP project collaborator Jasti, “Purpose based consent on a per vendor basis isn’t supported right now but we plan to in the future.”
Finally, it’s important to note that consent is currently only integrated with the following Google products, per the documentation:
- DoubleClick & AdSense (effective 5/10/18).
- AMP IMA Video (effective 5/15/18).
- AMP Geo (effective 5/10/18).
- AMP Stories (effective 5/15/18).
While this component is a good step forward to enabling site owners to capture user consent in AMP, until more integrations become available (note AMP supports over 100 ad networks, a dozen social networks, dozens of analytics vendors and so on), and per-use consent can be obtained in a single UI, amp-consent is far from being a solid solution to meeting strict GDPR-compliance.
Google’s annual developer conference, Google I/O kicks off today in San Jose, and we’ll update this article with any new information or announcements surrounding these AMP components.