Problem
The "exempt" consent category has zero guardrails. Any destination can be marked exempt — including third-party ad networks and retargeting pixels. There's no validation, no allowlisting, and no audit trail.
Research findings (from privacy law, technical architecture, and adversarial review):
- ePrivacy Art 5(3) covers all client-initiated network requests, not just cookies (EDPB Guidelines 2/2023)
- "Exempt" is not a legal exemption — it requires an independent legal basis (GDPR Art 6(1)(f) legitimate interest)
- No industry precedent for invisible consent bypass (Segment, RudderStack, GA4 all make destinations visible)
- Privacy auditors would flag undisclosed exempt data flows as a GDPR Art 5(1)(a) transparency violation
See: agent-os/standards/core/necessary-vs-exempt.md
Proposed Changes
1. First-party restriction
Validate at config time that exempt destinations are first-party or contractually bound processors (Sentry, Datadog — not ad networks). Options:
- Allowlist of known first-party observability vendors
- firstPartyOnly: true flag + domain validation
- Console warning when exempt destinations send data
2. Legal basis declaration
Add optional legalBasis field to DestinationEntry:
{
  destination: sentry,
  config: { /* ... */ },
  consent: ["exempt"],
  legalBasis: "legitimate-interest", // or "contract-necessity", "statistical-exception"
}
Even if unenforced today, this metadata is critical for audits and future regulation.
3. Audit trail
- Include is_exempt: true in event context when dispatched to exempt destinations
- Emit destination:exempt collector events for debug panel and monitoring
4. Runtime warnings
In debug mode, log a console warning when exempt destinations receive events — makes the data flow visible during development.
Files
- packages/core/src/types.ts — DestinationEntry needs legalBasis field
- packages/core/src/collector.ts — validation in addDestination(), exempt metadata in dispatch
- packages/core/src/types.ts — CollectorEvent needs destination:exempt
Context
Identified during research into the necessary vs. exempt distinction. See standard: agent-os/standards/core/necessary-vs-exempt.md
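A sketch of the config-time check and audit record proposed above, added here as an example and not taken from the project's code. The ExemptCandidate shape, its endpoint field, the PROCESSOR_HOSTS allowlist, the function names and the .example hosts are assumptions made for illustration.

```typescript
// Added illustration: ExemptCandidate, endpoint, PROCESSOR_HOSTS and both function
// names are assumptions; only consent, legalBasis, is_exempt and destination:exempt
// come from the issue text.
type LegalBasis = "legitimate-interest" | "contract-necessity" | "statistical-exception";
interface ExemptCandidate {
  name: string;
  endpoint: string; // assumed: URL the destination sends data to
  consent: string[];
  legalBasis?: LegalBasis;
}
interface Finding { level: "error" | "warn"; message: string }

// Constructed allowlist; in practice derived from the processors under contract.
const PROCESSOR_HOSTS = ["ingest.sentry.example", "intake.datadog.example"];

// Exact host or a true subdomain. A bare suffix test would accept "notshop.example".
function hostMatches(host: string, allowed: string): boolean {
  return host === allowed || host.endsWith("." + allowed);
}

function validateExempt(entry: ExemptCandidate, firstPartyDomain: string): Finding[] {
  if (!entry.consent.includes("exempt")) return []; // not exempt: nothing to validate here
  let host: string;
  try {
    host = new URL(entry.endpoint).hostname;
  } catch {
    return [{ level: "error", message: `${entry.name}: endpoint is not a valid URL` }];
  }
  const findings: Finding[] = [];
  const allowed = [firstPartyDomain, ...PROCESSOR_HOSTS].some((a) => hostMatches(host, a));
  if (!allowed) {
    findings.push({ level: "error", message: `${entry.name}: ${host} is neither first-party nor an allowlisted processor` });
  }
  if (!entry.legalBasis) {
    findings.push({ level: "warn", message: `${entry.name}: marked exempt without a legalBasis` });
  }
  return findings;
}

// Record attached on dispatch so exempt flows show up in monitoring.
function exemptAuditEvent(entry: ExemptCandidate) {
  return { type: "destination:exempt", destination: entry.name,
           is_exempt: true, legalBasis: entry.legalBasis ?? "undeclared" };
}
```

An error finding would reject the destination at registration, while a warn finding maps to the debug-mode console warning.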