Expanded support for consent types: Handling changes to consent type

[anissaconnor]

If we are supporting the collection of multiple types of consent we should consider the scenario when a CMP user wants to change the type of consent they are collecting. As per the specification, service specific overrides group consent which overrides global consent. If the CMP user changes from a higher priority consent type to a lower priority consent type (e.g. service specific to global consent), they must choose whether this applies to either:
All users regardless of existing consent record (default) OR
New users with no consent record only and users with consent due to expire in 30 days
The existing cookies associated with the higher priority types should be deleted when the user provides their consent for the new type. No action is required when a CMP user switches to have the CMP collect a higher priority consent type instead of a lower priority consent type aside from setting the cookie associated with the new consent type.

[anissaconnor]

@SupahNickie do we support this right now? If so can we close?

[SupahNickie]

Right now, this is not supported. Cookies are set where the CMP is configured to set them, which is probably explained easier using examples:

A site is configured to set global cookies, it tries to read global cookies first and if that fails, then it falls back to a local cookie if it's present. Then, upon successful submission, it sets only a global cookie (not a local domain vendor cookie).

A site is not configured to set global cookies, it tries to read local cookies only. Upon successful submission, it does not write a global cookie and instead persists a vendor cookie to the local domain only.

As described, the "hierarchical" tiers of cookie preference are not implemented. It would be a relatively major feature to implement but not extremely difficult.