User and Data Privacy design need more discussion and broad industry input; at the same time there are tactical components of the Privacy focus we can address.
Potential Topic Areas:
Make privacy features easier to enable in AMP
Thinking of amp-consent scalability as more countries expand privacy laws
Review how amp-consent can be adapted ‘on the edge’ to accomodate for geo-specific consent requirements.
Perhaps a component which wraps AMP consent with AMP geo, without headaches?
Can AMP become the de-facto mechanism for ‘getting privacy right’?
More concrete actions
Lack of flexibility of AMP in the privacy realm
How to improve these issues?
Privacy by design vs. reactive approach
Are we missing a ‘privacy by design’ concept, where individual components / scenarios can declare their privacy/consent/storage scenarios (e.g., “Don’t render this component for users without X consent”).
Build privacy into AMP design features
What types and examples of ‘consent’ and privacy models (and resultant business/site logic) exist, and where does AMP struggle to solve for those? Can we get/create/define a bunch of these scenarios, and assess our fit?
User and Data Privacy design need more discussion and broad industry input; at the same time there are tactical components of the Privacy focus we can address.
Potential Topic Areas:
121 - Blog post on the CCPA outcome
122 - Privacy Policy on AMP Caches
123 - Privacy Messaging
142 - LGPD: Brazil's GDPR