TechBytes with Blake Brannon, VP Products, OneTrust

Blake Brannon

Blake Brannon
 VP Products,  OneTrust

Meeting GDPR guidelines is an on-going disruption that has made most businesses stand up and look beyond their traditional data privacy standards. How do cookies fit into all the hustle-bustle of GDPR? OneTrust’s Blake Brannon provides insights on Cookiepedia and how it helps their large partner network to support Privacy Initiatives, including GDPR.

Tell us about your role at OneTrust and the team and technology that you handle.

As VP of Product, I oversee all aspects of product development and manage a global team of product managers, developers, and engineers and we work together to make OneTrust into the industry’s leading privacy management software.

What is the state of privacy management software in 2018?

The General Data Protection Regulation (GDPR) made privacy top of mind for many companies, and as a result, we saw a rapid growth in customer adoption and use of OneTrust for their GDPR activities. Now that we are living in a GDPR world, it’s important we continue to advise our customers that privacy programmes are an on-going process, not a one-and-done initiative.

OneTrust was born out of our own personal appreciation of the importance of privacy and the economic and personal impact it has on both businesses and individuals. As the regulatory landscape and market expectations evolve so will our software. We’re looking ahead to changes in existing and future regulations such as ePrivacy (Cookie Law), HIPPA, Privacy Shield, Binding Corporate Rules (BCR), and Cross-Border Privacy Rules (CBPR). Because of this, the OneTrust product line will continue to expand to support further initiatives undertaken by CIO, CISO, privacy officers, legal and compliance teams as they come together to tackle and simplify data-driven operations around privacy management.

OneTrust will continue to lead in the privacy management space. We have the most comprehensive technology with a 200+ member R&D team driving product innovation with 16 patent awards. Our technology is backed by world-class privacy research and 100 certified privacy professionals in-house. Our customers are supported by a globally available services team, large partner network and an active user community from our PrivacyConnect global workshop series.

Tell us about Cookiepedia and how it helps large partner network to support Privacy Initiatives?

OneTrust owns and operates Cookiepedia, the world’s largest database of cookie and tracking technologies. Cookies are a small text file usually stored on a user’s browser that serves a variety of purposes – from remembering that a user is logged in to delivering targeted advertisements. New privacy regulations have encouraged companies to update their cookie notification banners to provide users detailed information on what tracking technologies they use and provide options for consenting to these technologies.

In order to understand what tracking technologies a customer may have on their website, OneTrust runs a website scan and organizes the cookies, tags, pixels, etc. into groups based on the Cookiepedia database of 6 million cookies and tracking technologies. Some cookies are strictly necessary, while others are used for social media or advertising purposes. Our customers can then sort their cookies by type and offer their website visitors the option to opt-in or out of specific cookie groups and subgroups.

How important is Consent Management for Publishers?

Publishers, or websites that provide content through advertisements, know consent management is vital under GDPR. In order to deliver highly relevant ads, publishers must get a user’s consent to capture their personal details before they offer up personalized advertisements.

OneTrust helps communicate a user’s preference from a publisher to an ad tech vendor. We were proud to be the first commercially-available consent management provider to adopt the IAB Europe Transparency and Consent Framework, which is quickly becoming the standard consent framework for publishers and ad tech vendors.

We help publishers obtain valid consent and share consent preferences with ad tech vendors for compliant ad delivery. Publishers leverage OneTrust’s consent user interface to capture consent from a user and, if approved, share those preferences with ad tech vendors, in adherence to the user’s choice. This is mission critical to both publishers and vendors to deliver highly relevant ads to consenting individuals.

How does your OneTrust Data Subject Requests tool technology help companies adhere to GDPR?

Under the GDPR, data subjects (people in the EU) have certain rights over their data. Now individuals can request from a company access to their data, deletion of their data, data portability and more. For many companies, processing these requests can be a complicated process. You have to receive the request, route it to the right people in the organization to process, and know where the person’s data exists within the organization. The OneTrust Data Subject Access Rights (DSAR) tool helps companies manage these requests from start to finish. We provide an online web process that’s available in 100+ languages for people to submit their requests. Then those requests are routed into the OneTrust platform so the right teams and systems are notified to process and complete the request. We the company needs to get in contact with the data subject, we provide a secure communications portal. Once the request has been completed and the data subject is satisfied, OneTrust can automatically delete any attachments associated with the request and keep a record that the request was completed for compliance purposes.

What are the core tenets of your technology driving GDPR Compliance?

There are four core tenets that make OneTrust the leader in privacy management.

We have the most comprehensive privacy management platform of tools in the market and a 200 member global R&D team driving product innovation with 16 patents awarded and counting,

We are built on world-class privacy research with over 100 certified privacy professionals in-house and on-going regulatory research from our global team,

Our customers are supported by our expert, multi-lingual global services team and large partner network, and finally

Our large active user community, which has thousands of members sharing best practices across global PrivacyConnect workshops

Because of these strong tenets, we have more than 1,500 global enterprises choosing OneTrust for their privacy programme management, including 200 of the Global 2,000 and the many of the world’s largest and most complex companies.

How do you prepare for your customers for the post-GDPR era?

We see GDPR as the beginning of a seismic shift towards data protection awareness and regulation. We anticipate more global privacy laws to be drafted and passed in the EU and beyond. More companies every day are coming to OneTrust because they realize the expanded benefits of protecting user privacy and want to leverage technology to automate many of their GDPR processes.

Our current customers are implementing new modules and expanding their privacy programme in areas like marketing compliance and vendor risk management. GDPR was a compelling event to ignite the global conversation on privacy and OneTrust will continue to evolve to meet the growing demands of our customers.

Thanks for chatting with us, Blake.

Stay tuned for more insights on marketing technologies. To participate in our Tech Bytes program, email us at