The Engineering and Privacy team have been advised by OneTrust that the root cause of this issue was the change in the browser used to complete website scans by the application. All OneTrust instances were automatically moved to this new browser for website scans without prior notification which did not allow for any time to test any impact.
In order to resolve this issue we have requested to be moved back to the original browser used to complete website scans, until fixes have been implemented by the OneTrust product team. Once we move back to the new browser, the Engineering and Privacy Team will run tests to ensure no issues are experienced with the websites due to the Cookie banner script moving forward.
As no websites are currently experiencing issues, this incident will now be closed out.
For any additional information, please contact Allen Flynn (aflynn@theagora.com)
Kind regards, Privacy Team
Posted Nov 22, 2024 - 04:38 EST
Update
Hi all,
The Engineering and Privacy team met with OneTrust today in order to find a long term solution to this issue. At this time we are reliant on OneTrust completing an internal investigation into our Tenant and their general environment to determine why file types unrelated to cookies are being blocked upon rescan of the website and publishing of the scripts.
OneTrust's initial workaround is not a viable option for our business and we have placed a deadline of Thursday, November 21st on them coming back to us with an update.
Once we have this update, we will share it here.
Kind regards, Privacy Team
Posted Nov 15, 2024 - 10:04 EST
Update
The cause of the issue has been identified after a call with OneTrust on Friday night.
OneTrust's website scanner has incorrectly added file types to a block list during the latest website scans. This block list forms part of OneTrust's "Auto-Blocking" feature which if used as part of the script integration with a website will block these files until a user consents to there use. The Engineering and Privacy Team are working on removing the relevant file types from the block list, however this is a manual process and requires additional checks on .js files to ensure they contain a cookie file. This work will be completed on all impacted websites by COB tomorrow. All websites will be tested prior to the next notification.
Our OneTrust TAM will be contacted to determine why file types that are not dropping cookies have been added to the block list. Appropriate measures will be taken in the future to ensure that this issue does not arise in the future.
Thank you for your patience as this incident has been investigated.
Posted Nov 04, 2024 - 12:45 EST
Update
Yesterday, OneTrust team made some changes to their deployment and asked us to retest the setup. Unfortunately, we still experienced issues with some of the Affiliate websites. Engineering and Privacy teams are meeting the OneTrust team today to discuss next steps.
As a temporary measure, we have advised impacted Affiliates to remove OneTrust script from their websites until we have confirmed that the issue has been resolved.
Is the ability to take or process orders affected? NO
Are Customers able to access their products? YES (in some cases)
The Issue If user rejects (or partially accepts) cookie consent on the website, the website could be malfunctioning.
The Impact The impact appears to be that images, testimonials, videos and potentially popups are not being displayed on the website until a user clicks on the “Accept All” button on the cookie banner. If a website visitor clicks on “Reject All” these images, testimonials, videos and popups are not being displayed. This will affect the user experience on impacted websites.
Workaround If the user clicks on "Accept All" button within the cookie banner, the website will function as normal. If the user has "Rejected All" cookies before, they might need to clear their cache and history to get the cookie banner to appear again.
In some cases, where user clicks "Accept All", we're still experiencing issues with website malfunction.
Next Update We're working with the OneTrust support on a Priority 1 ticket to get this resolved ASAP.